urlscan.io logo urlscan.io
SecurityTrails logo

qpak-blazecasino.somee.com Open in urlscan Pro
155.254.244.30  Public Scan

Go To Rescan Add Verdict Report
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Submission: On August 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 14 domains to perform 23 HTTP transactions. The main IP is 155.254.244.30, located in Dallas, United States and belongs to JOESDATACENTER, US. The main domain is qpak-blazecasino.somee.com.
This is the only time qpak-blazecasino.somee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 155.254.244.30 19969 (JOESDATAC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.109 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 64.15.148.70 32613 (IWEB-AS)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 85.13.222.214 31708 (COREIX-UK...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 23.206.208.114 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
23 13
3    155.254.244.30 (Dallas, United States)

ASN19969 (JOESDATACENTER, US)
qpak-blazecasino.somee.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    143.204.98.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-109.fra50.r.cloudfront.net
www.online-casinos.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    64.15.148.70 (Canada)

ASN32613 (IWEB-AS, CA)
www.casinoveritas.com
1    2606:4700:3108::ac42:28e5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.slotsup.com
1    2606:4700:3034::ac43:bfdf (United States)

ASN13335 (CLOUDFLARENET, US)
www.slots-o-rama.com
1    85.13.222.214 (Brentwood, United Kingdom)

ASN31708 (COREIX-UK-AS London, Great Britain, GB)
PTR: server2902.click-profits.com
www.gamingslots.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
5    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
353 KB
3 somee.com
qpak-blazecasino.somee.com
193 KB
2 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2760
627 B
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 122
373 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
173 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
33 KB
1 gamingslots.com
www.gamingslots.com
251 KB
1 slots-o-rama.com
www.slots-o-rama.com
83 KB
1 slotsup.com
www.slotsup.com
239 KB
1 casinoveritas.com
www.casinoveritas.com
152 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
5 KB
1 online-casinos.com
www.online-casinos.com
66 KB
0 Failed
function sub() { [native code] }. Failed
0 slotcatalog.com Failed
slotcatalog.com Failed
23 14
Domain Requested by
5 www.googletagmanager.com qpak-blazecasino.somee.com
3 qpak-blazecasino.somee.com qpak-blazecasino.somee.com
2 s7.addthis.com 1 redirects qpak-blazecasino.somee.com
2 i.ytimg.com qpak-blazecasino.somee.com
2 pagead2.googlesyndication.com qpak-blazecasino.somee.com
pagead2.googlesyndication.com
1 ajax.googleapis.com qpak-blazecasino.somee.com
1 www.gamingslots.com qpak-blazecasino.somee.com
1 www.slots-o-rama.com qpak-blazecasino.somee.com
1 www.slotsup.com qpak-blazecasino.somee.com
1 www.casinoveritas.com qpak-blazecasino.somee.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.online-casinos.com qpak-blazecasino.somee.com
0 91.215.152.128 Failed qpak-blazecasino.somee.com
0 slotcatalog.com Failed qpak-blazecasino.somee.com
23 14

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
online-casinos.com
Amazon RSA 2048 M02		 2023-05-14 -
2024-06-10		 a year crt.sh
casinoveritas.com
R3		 2023-06-20 -
2023-09-18		 3 months crt.sh
slotsup.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
slots-o-rama.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
www.gamingslots.com
R3		 2023-07-03 -
2023-10-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Frame ID: 5764384D320C9F9D99C2396500AD7580
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html
Frame ID: 3791E999E8C8C9D5C17762068BE04C8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

70 %
HTTPS

58 %
IPv6

14
Domains

14
Subdomains

13
IPs

4
Countries

1922 kB
Transfer

2965 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request page-847-2024-03-29.html
qpak-blazecasino.somee.com/bonus/ 		71 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
HTTP/1.1
Server
155.254.244.30 Dallas, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0aecc5b90231fd721e4317d92fce4b4002a0e690c3c007b17dcf20961a0c4179

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
73175
Content-Type
text/html
Date
Tue, 01 Aug 2023 23:50:47 GMT
ETag
"aa5c897e6b5d91:0"
Last-Modified
Wed, 12 Jul 2023 21:19:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
bootstrap.min.css
qpak-blazecasino.somee.com/css/ 		119 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://qpak-blazecasino.somee.com/css/bootstrap.min.css
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
HTTP/1.1
Server
155.254.244.30 Dallas, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 23:50:47 GMT
Last-Modified
Wed, 12 Jul 2023 21:19:12 GMT
Server
Microsoft-IIS/10.0
ETag
"617bf816b5d91:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
122184
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff5b329253b30b5cd19fdddb85af168d701301e2171dfe07717bd3ed7be671ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qpak-blazecasino.somee.com/
Origin
http://qpak-blazecasino.somee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50400
x-xss-protection
0
server
cafe
etag
13649135242215859592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:50:47 GMT
qwertymin.js
qpak-blazecasino.somee.com/css/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://qpak-blazecasino.somee.com/css/qwertymin.js
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
HTTP/1.1
Server
155.254.244.30 Dallas, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 23:50:47 GMT
Last-Modified
Wed, 12 Jul 2023 21:19:11 GMT
Server
Microsoft-IIS/10.0
ETag
"f29668806b5d91:0"
X-Powered-By
ASP.NET
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1365
maxresdefault.jpg
i.ytimg.com/vi/dYiRfUnKUDA/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/dYiRfUnKUDA/maxresdefault.jpg
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75f8e0ce08beee0902228c3fce243cc83dbf0772cdfcd111e4701d94fc57cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:47 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131627
x-xss-protection
0
server
sffe
etag
"1417556090"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Aug 2023 01:50:47 GMT
jewel-scarabs-play-for-free.jpg
www.online-casinos.com/pictures/slots/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.online-casinos.com/pictures/slots/jewel-scarabs-play-for-free.jpg
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-109.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e94f892fb2a7fae76978aa9f0370d69525823334f84654df7357264d22b639ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:47 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jul 2023 11:55:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"64ae949c-107aa"
vary
Accept-Encoding,Accept
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
max-age=315360000, public, no-transform, max-age=5184000
accept-ranges
bytes
content-length
67498
x-amz-cf-id
yUybBX8-HDZCG3kkiQihnzR1Vuh3UcwjfsYz26SdZz0bKZUz6UfS6Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
maxresdefault.jpg
i.ytimg.com/vi/6YHQsCKpSZM/ 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/6YHQsCKpSZM/maxresdefault.jpg
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af4c7f8ad47d5d91fbf2caf51630e546954744c7e04fb4601b71f436d19a8ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:47 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250058
x-xss-protection
0
server
sffe
etag
"1561163293"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Aug 2023 01:50:47 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/ 		361 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=qpak-blazecasino.somee.com&bust=31076544
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0fbf11149e7687fd27226e72c54b6726fa265ebf8ac9a0b8629edbf2c3c958a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126337
x-xss-protection
0
server
cafe
etag
11480571569182459250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:50:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/ Frame 3791 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230731/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qpak-blazecasino.somee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 21:24:00 GMT
etag
12368291122986407432
expires
Tue, 15 Aug 2023 21:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Jackpot-Jewels-4.jpg
slotcatalog.com/userfiles/image/games/Barcrest/2095/ 		0
0
princess-jewels-2.jpg
www.casinoveritas.com/game-images/wager-gaming/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casinoveritas.com/game-images/wager-gaming/princess-jewels-2.jpg
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.15.148.70 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
389e8950d3e56d195d3249fbf006f6535d614aa33fcc87aafa841974f611ba3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:48 GMT
last-modified
Mon, 18 Feb 2019 17:06:45 GMT
server
nginx
etag
"5c6ae625-25e1b"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
155163
jewel-blast-quickspin-casino-slots.png
www.slotsup.com/wp-content/uploads/default/ 		238 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slotsup.com/wp-content/uploads/default/jewel-blast-quickspin-casino-slots.png
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e692a803973df7522c5d07e5392d480e1fd2fdbe418ffcf2080d4557f6f558a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sun, 20 Aug 2017 13:59:25 GMT
server
cloudflare
etag
"599995bd-3b826"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f01fc4c4e4f3611-FRA
content-length
243750
expires
Mon, 30 Oct 2023 23:50:49 GMT
Amazon-Jewels-1_s.jpg
slotcatalog.com/userfiles/image/games/Wild-Streak-Gaming/9825/ 		0
0
image-1-3.jpg
www.slots-o-rama.com/wp-content/uploads/2020/09/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.slots-o-rama.com/wp-content/uploads/2020/09/image-1-3.jpg
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bfdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d531cbbd2d39f59633104784ffb088341724305a122e811463aa8ca7efb5b280

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:49 GMT
cf-cache-status
MISS
last-modified
Sun, 27 Sep 2020 02:37:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14833-5f6ffaf2-141c50;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pMglVXaGrHM%2F4L6IRZ8Qhl5jVKPyViO53lhCdCVfY1zWsixmFEmhvRYtZ3g%2FV2cTpjoGGYF4hK9XnH4dtWn%2BLWcvdEPTd27myCgaIM8fkoo%2FZfJY7TV6eKmY4gK%2Fp%2FV%2FX9i9iDyWiKfu4Un8HpFHuj5Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7f01fc4edae21cc9-FRA
alt-svc
h3=":443"; ma=86400
content-length
84019
expires
Tue, 08 Aug 2023 23:50:49 GMT
just-jewels-deluxe-slot-gs.jpg
www.gamingslots.com/wp-content/uploads/2012/07/ 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gamingslots.com/wp-content/uploads/2012/07/just-jewels-deluxe-slot-gs.jpg
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.222.214 Brentwood, United Kingdom, ASN31708 (COREIX-UK-AS London, Great Britain, GB),
Reverse DNS
server2902.click-profits.com
Software
Apache /
Resource Hash
f740a6cc1c6c1d1d323e37d47962fbd0295d068e4724469d348c60e40143f7b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:49 GMT
last-modified
Tue, 21 Oct 2014 18:37:02 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
256753
expires
Wed, 31 Jul 2024 23:50:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 17:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 17:07:08 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 23:50:47 GMT
server
Oracle API Gateway
opc-request-id
/29761950CD0CB3DD3C4F76B34520E5E1/8FA0B8F0B204157500E5458205F93816
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Tue, 01 Aug 2023 23:50:47 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
js
www.googletagmanager.com/gtag/ 		267 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bf5bf6e1cbb6cbd8c6d79ca8bbbc1bc0d8359ef917254f04d06457b7d843492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90269
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 23:50:49 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c1044f0746e9da4c80dd160398c193cfb8822c249bee8ee36db840ca1e01964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85722
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 23:50:49 GMT
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d3f5b9c8281a8b313afefda755760bedcf000be7d68dc239a39947233275042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61580
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 23:17:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 23:50:49 GMT
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb51d9b6cb0751a4bf59d532158f779adfb3040599ed17e4a027c84e4ac4a3eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61629
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 23:17:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 23:50:50 GMT
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Requested by
Host: qpak-blazecasino.somee.com
URL: http://qpak-blazecasino.somee.com/bonus/page-847-2024-03-29.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e41785860b82a15a1dc1c14d68ed5e73bb8cd0f34815f9ef5065687d2ce03b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qpak-blazecasino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:50:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61705
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 23:17:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 23:50:50 GMT
bronline
91.215.152.128/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
slotcatalog.com
URL
https://slotcatalog.com/userfiles/image/games/Barcrest/2095/Jackpot-Jewels-4.jpg
Domain
slotcatalog.com
URL
https://slotcatalog.com/userfiles/image/games/Wild-Streak-Gaming/9825/Amazon-Jewels-1_s.jpg
Domain
91.215.152.128
URL
http://91.215.152.128/bronline?default_keyword=Jogos+de+slots+online+Jewels+World

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| keyword object| _0xdfb0 function| google_sa_impl

0 Cookies

4 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Jogos+de+slots+online+Jewels+World, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Jogos+de+slots+online+Jewels+World, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://slotcatalog.com/userfiles/image/games/Barcrest/2095/Jackpot-Jewels-4.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://slotcatalog.com/userfiles/image/games/Wild-Streak-Gaming/9825/Amazon-Jewels-1_s.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91.215.152.128
ajax.googleapis.com
googleads.g.doubleclick.net
i.ytimg.com
pagead2.googlesyndication.com
qpak-blazecasino.somee.com
s7.addthis.com
slotcatalog.com
www.casinoveritas.com
www.gamingslots.com
www.googletagmanager.com
www.online-casinos.com
www.slots-o-rama.com
www.slotsup.com
91.215.152.128
slotcatalog.com
143.204.98.109
155.254.244.30
23.206.208.114
2606:4700:3034::ac43:bfdf
2606:4700:3108::ac42:28e5
2a00:1450:4001:808::2002
2a00:1450:4001:827::2016
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
64.15.148.70
85.13.222.214
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
0aecc5b90231fd721e4317d92fce4b4002a0e690c3c007b17dcf20961a0c4179
0c1044f0746e9da4c80dd160398c193cfb8822c249bee8ee36db840ca1e01964
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
389e8950d3e56d195d3249fbf006f6535d614aa33fcc87aafa841974f611ba3e
75f8e0ce08beee0902228c3fce243cc83dbf0772cdfcd111e4701d94fc57cdca
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
7bf5bf6e1cbb6cbd8c6d79ca8bbbc1bc0d8359ef917254f04d06457b7d843492
8d3f5b9c8281a8b313afefda755760bedcf000be7d68dc239a39947233275042
8e692a803973df7522c5d07e5392d480e1fd2fdbe418ffcf2080d4557f6f558a
9af4c7f8ad47d5d91fbf2caf51630e546954744c7e04fb4601b71f436d19a8ab
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c0fbf11149e7687fd27226e72c54b6726fa265ebf8ac9a0b8629edbf2c3c958a
d531cbbd2d39f59633104784ffb088341724305a122e811463aa8ca7efb5b280
e41785860b82a15a1dc1c14d68ed5e73bb8cd0f34815f9ef5065687d2ce03b46
e94f892fb2a7fae76978aa9f0370d69525823334f84654df7357264d22b639ad
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f740a6cc1c6c1d1d323e37d47962fbd0295d068e4724469d348c60e40143f7b7
fb51d9b6cb0751a4bf59d532158f779adfb3040599ed17e4a027c84e4ac4a3eb
ff5b329253b30b5cd19fdddb85af168d701301e2171dfe07717bd3ed7be671ab