play-game-vulcan.vip Open in urlscan Pro
104.21.64.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://play-game-vulcan.vip/
Effective URL:
http://play-game-vulcan.vip/casino/
Submission Tags: phishingrod
Submission: On May 09 via api (May 9th 2023, 2:17:26 pm UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 22 HTTP transactions. The main IP is 104.21.64.139, located in and belongs to CLOUDFLARENET, US. The main domain is play-game-vulcan.vip.

This is the only time play-game-vulcan.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	172.67.151.54 172.67.151.54		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	104.21.64.139 104.21.64.139		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a		15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119		208722 (GLOBAL_DC) (GLOBAL_DC)
22	4

1 172.67.151.54 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

play-game-vulcan.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.21.64.139 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

play-game-vulcan.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	play-game-vulcan.vip 2 redirects play-game-vulcan.vip	374 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8724	3 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3374	74 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	757 B
22	4

	Domain	Requested by
18	play-game-vulcan.vip	2 redirects play-game-vulcan.vip
7	mc.yandex.com	3 redirects play-game-vulcan.vip
3	mc.yandex.ru	2 redirects play-game-vulcan.vip
1	fonts.googleapis.com	play-game-vulcan.vip
22	4

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: http://play-game-vulcan.vip/casino/
Frame ID: 0BECB0C5A2C4D7EB45F877E8CAF27D38
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sol Casino (Сол казино) играть на официальном сайте клуба

Page URL History Show full URLs

https://play-game-vulcan.vip/ HTTP 301
http://play-game-vulcan.vip/ HTTP 301
http://play-game-vulcan.vip/casino/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

14 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

448 kB
Transfer

750 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://play-game-vulcan.vip/ HTTP 301
http://play-game-vulcan.vip/ HTTP 301
http://play-game-vulcan.vip/casino/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.3cgMVSTpa_G9Owr-y0qzlWSRxaPvCTlYKuxRuDidGPzlv6zfZL94u581NxqA0RgZ.Js61aSHJbiIgG4k9tiYZusV_CA4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9992.7E3lMoNdCsGWsH0cPd_MtM2Bwt6Ap4KsKqNE0R_pJDcGzMSxQ1VD85AFVoqDVoTOgQzESHVa2uDTpNkdDMPM2hX-m8oNaSlPxAhTy2SFc2c%2C.AXnTqVJ7Pvi2ar8S3d1sh93O3Pk%2C

Request Chain 20

https://mc.yandex.com/watch/82249825?wmode=7&page-url=http%3A%2F%2Fplay-game-vulcan.vip%2Fcasino%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A1381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1631168802257%3Ahid%3A397879338%3Az%3A0%3Ai%3A20230509141721%3Aet%3A1683641842%3Ac%3A1%3Arn%3A1049823278%3Arqn%3A1%3Au%3A16836418423795477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C447%2C3%2C589%2C0%2C%2C100%2C24%2C%2C%2C%2C1140%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683641840325%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683641842%3At%3ASol%20Casino%20(%D0%A1%D0%BE%D0%BB%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE)%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/82249825/1?wmode=7&page-url=http%3A%2F%2Fplay-game-vulcan.vip%2Fcasino%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A1381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1631168802257%3Ahid%3A397879338%3Az%3A0%3Ai%3A20230509141721%3Aet%3A1683641842%3Ac%3A1%3Arn%3A1049823278%3Arqn%3A1%3Au%3A16836418423795477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C447%2C3%2C589%2C0%2C%2C100%2C24%2C%2C%2C%2C1140%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683641840325%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683641842%3At%3ASol%20Casino%20%28%D0%A1%D0%BE%D0%BB%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%29%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 21

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.pFof4nIkJIEO_-UmRcduUUtc8VFvLkOx-sDxqjGOBlQvsCdEssUzG9ouqmEZhTga.NNZVnd0Fo64S9Dq7d1okXysc3pQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.z6id_KpEmQUenC-0mxtXgfaB6SvKEIuSLLdar9qJtWVV6yekzNdIPG7fqmdQOv36eeqwggSvQAvUONvBO19KqmvQP8BFrsYQ8FymX584zJk%2C.Gu43oh8_D8Z7zlxsGSUDsxQE0FY%2C

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
play-game-vulcan.vip/casino/
Redirect Chain

https://play-game-vulcan.vip/
http://play-game-vulcan.vip/
http://play-game-vulcan.vip/casino/

28 KB
9 KB

447ms
447ms

Document
text/html

104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://play-game-vulcan.vip/casino/

Protocol

HTTP/1.1

Server

104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb782c7644641bea62c28a8d94031514416662e2c4b888ba3f356bbe535351f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c4a90c1ba803aa3-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 May 2023 14:17:21 GMT
Link: <http://play-game-vulcan.vip/wp-json/>; rel="https://api.w.org/" <http://play-game-vulcan.vip/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxfVXBVaDAfuzztG3CDDqonAucSWtNe57Z2Lbky0dPRNioAn5VXUJXc4WY4A6Pdp6wIILccRxsEzYXJh40oNCQT%2BSMDnTy7578guCr8a8%2FEKE46bd0HnClRtOk%2FeRIqjQu3zt98mwA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Pingback: http://play-game-vulcan.vip/xmlrpc.php
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c4a90becdda3aa3-FRA
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 May 2023 14:17:20 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Location: /casino/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08J1RaN0hziY8%2BWyOgW%2FHQckIw3TfPkmr%2FwTjTauIES1HEMhihR1e%2BHNc%2FNO37DpdvBTidGGg91wWj87fIytTYVFi8kA4i1Y%2F%2Blq8x5pZKnBy6j1hUXmxEfrNDHE8Nh%2FXMy2EQKxpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK owl.carousel.min.css
play-game-vulcan.vip/wp-content/themes/2444/css/ 3 KB
2 KB 33ms
33ms Stylesheet
text/css 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/css/owl.carousel.min.css
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: W/"63fca4e3-d17"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4cfU9VNDcXVKpEu%2FugGRoWocAoZYk2twmWeqIBqCYk7u7cz9jixKpGJBkBQENVvQ1FrYUSLAtpvTU4o8VMzkRCPe9aAUaj5sLxBrFzK4dxfjuCWeheRU6z9eMi9%2FZ44q0BlLVTquQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c48f253aa3-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
play-game-vulcan.vip/wp-content/themes/2444/css/ 38 KB
8 KB 76ms
70ms Stylesheet
text/css 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/css/style.css?v=2.81683641837
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4156a274d5923e9bdcfd355b9bd3f01c06ad065d4462807af7efa2a2dd05799

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: W/"63fca4e3-9833"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YX6oqtBNDo95MxbD7%2FAbYSqv962HJbH%2FjXAmrA6y0BwHt%2FZla92d30ddmW%2BvaeMltPCkgcQDvl0WVQQTHyjCzkWaxeiHjVnuneP27acTbhM6LK2VAdIn3esZYhHFzMehMR2Bb9XCZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c49f8339cd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found ProximaNova-Regular.woff
play-game-vulcan.vip/casino/THEME_DIR/fonts/ 0
0 54ms
47ms Font
text/html 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Regular.woff
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://play-game-vulcan.vip/casino/
Origin: http://play-game-vulcan.vip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZiEu0QKr3mYHdPaK%2F5I1jnkCuBGBBxeso5VFNN6dHf2kC5UjcHGuUWEYKqMVzvJN5u2H%2BlbxCUtt3lKsCdnz71akocBASQx0jFfub1rm66oYaNparaQYRjdOz91KwTc1%2F%2BurR2BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=7200
Connection: keep-alive
CF-RAY: 7c4a90c49b968fd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 404
Not Found ProximaNova-Bold.woff
play-game-vulcan.vip/casino/THEME_DIR/fonts/ 0
0 53ms
46ms Font
text/html 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Bold.woff
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://play-game-vulcan.vip/casino/
Origin: http://play-game-vulcan.vip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i8V2W8YGpRlLvNBBFM79zLk6VzvFwjfudRGSyIO1SUuIcQZgHM%2FWMmYb6%2Fr7A8WCo47z223PfGKueJzKJitbFEeIMIlDY6Y21QSDA%2F3RUQvnktePT%2FmRhtUVqAMoieKKB58QgjUmg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=7200
Connection: keep-alive
CF-RAY: 7c4a90c49bd15bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 404
Not Found ProximaNova-Black.woff
play-game-vulcan.vip/casino/THEME_DIR/fonts/ 0
0 48ms
41ms Font
text/html 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Black.woff
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://play-game-vulcan.vip/casino/
Origin: http://play-game-vulcan.vip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI0l%2BRRJKFTRdWN9u20%2FABAEeeZ%2Bw1P1gNKR23JsjoopMyceAgVveJgyjudrzAmBv5yPpwsJoiPp0JL2BOhi8CB%2BP%2Bmj3DpWx%2FxOuc6r8AS6ydqA%2BHdcE50Srf3UA6NRq7au2yUkug%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=7200
Connection: keep-alive
CF-RAY: 7c4a90c4984935fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 653 B
757 B 71ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Neucha&subset=latin,cyrillic

Requested by

Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f37ba06392bca4b3f5f6ef95c05ca677abe3e4515be0b41d71cebdc0806d5c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 14:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:17:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 14:17:21 GMT

GET
H/1.1 200
OK dashicons.min.css
play-game-vulcan.vip/wp-includes/css/ 58 KB
36 KB 28ms
23ms Stylesheet
text/css 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-includes/css/dashicons.min.css?ver=5.7
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 45024
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:40:17 GMT
Server: cloudflare
ETag: W/"63fca4b1-e682"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P08c%2Bkg3dWyoIXWqHDGnDtrnOGQePGd06vy8M30NE8l66ap11%2Btmha0V42rngS2hALnDV9CkWBIo7rnzRsqmGZbiKhHlInuXjFWYWmNn5w3Pgw6C21tslXzTYI7QLwZ3mXnU9S3E5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c499973642-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo11.png
play-game-vulcan.vip/wp-content/themes/2444/img/ 15 KB
16 KB 63ms
62ms Image
image/png 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/img/logo11.png?v=1683641837
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16893f052809f092bed1d4157983cffd524b34a65892e4c4b99cb77232cad3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 15351
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: "63fca4e3-3bf7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uM02kXCbrRclXfLLTjrqcaCCwbF3o5niqzA7FEtY7lXQeGqv%2FUls4kB%2BXTT2AXIsxGXv0o5dYP0zHRy9DaCEJ3tJFF%2BGvLnZtvt7nSTjVykUOxcQ8wvHxSGfXdWNj2zHa3w0oFHg4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7c4a90c4d8bc35fd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK banner.jpg
play-game-vulcan.vip/wp-content/uploads/sites/2444/ 163 KB
164 KB 52ms
51ms Image
image/jpeg 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://play-game-vulcan.vip/wp-content/uploads/sites/2444/banner.jpg
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bae083340427d1181ec52138d3e61c49ccdfb21a6f2b0471637cfd7ff26e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 167264
Last-Modified: Fri, 06 Aug 2021 11:13:41 GMT
Server: cloudflare
ETag: "610d1965-28d60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InC1lMqnqoQnt%2BJOo9lsj4CrnRcEzAbaIW97ul68Iv8R2yOk%2FZbKXgiUa2W0bwGIMQe8wxn5o6EFtGTV7lgSbe9p0CVZ2kqml%2FXyCJXyL3xzQo2rUBH31um8khHjE9RsaFXv3nnBrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7c4a90c4ec355bdd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK to_top.png
play-game-vulcan.vip/wp-content/themes/2444/img/ 293 B
1 KB 32ms
32ms Image
image/png 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/img/to_top.png
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e08c195ba3bbb4c16dc21996a98a383263fdda5b5607e054014ca16ec6c3a79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 293
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: "63fca4e3-125"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOMUlXJs7yW%2BpYi1Le7TcBjLbH4bW15omYF%2BgkQuEfpXP0eCPjQU8BFUjihBPD28BYt%2FByRot5J4oOTMjkFWHdjPEScVOQHXvT0dMeg6RZdPa%2B%2Bl408sjHIG9paELwAVZbPmPSmuqg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7c4a90c4ebda8fd4-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
play-game-vulcan.vip/wp-content/themes/2444/js/ 84 KB
30 KB 16ms
16ms Script
application/javascript 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/js/jquery.min.js
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04b1a74a99c0602daec67b289658cea56d95f7c3f0fb8fce73bb8e6e728cbb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 247059
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: W/"63fca4e3-14e57"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BU%2FXMGz3AOeALhGX2%2FKOAaSc0HTCSzIvhpjWKNpcG2nlubKk0e7tEXADDSGPqGDhLxDXLpDJckykBGqaiwxlJalMx1c8zpTnUFN1SVnDf22L6eZyOz21yJjg6irnI7qrXTud0aaOw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c4b9dd3642-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
play-game-vulcan.vip/wp-content/themes/2444/js/ 43 KB
12 KB 16ms
15ms Script
application/javascript 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/js/owl.carousel.min.js
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 190920
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: W/"63fca4e3-ad36"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnvFk4Qirak1kYI%2BFOtVdeiru7H74yMtJ481p%2BaCkDAlQfMObHRfV625v7hUdyy0OjUN5dgY9ppheWzWRaVTiWLhvjSggiaHexDUxVwOnfH5MbRtIayL9bbARIg8xfb2WvRnLHCo6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c4cf6d3aa3-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK common.js Show response
play-game-vulcan.vip/wp-content/themes/2444/js/ 11 KB
4 KB 34ms
33ms Script
application/javascript 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/js/common.js?v=1.11683641837
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e3feead7d6d918118739f219f07d13e0a7afbc2b7a64cef55ff9a323ab9eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:39:26 GMT
Server: cloudflare
ETag: W/"63fca47e-2b31"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8Aylusl8yME2CAYAWktOjL2EeJmHeShNI%2Fi6okhwBNXPFmoOFwfdUROmmNgUi9yMFS%2FRdKa9nw3E17XiGP9bXjMTA0Mchvh088OMuszfo%2BvYkyBvOcy5M%2BRbChl0FdmX16uDE0%2FnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c4df923aa3-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
play-game-vulcan.vip/wp-content/themes/2444/js/ 8 KB
4 KB 15ms
14ms Script
application/javascript 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/js/lazyload.min.js?v=0.2
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0bff4c09b2d825e704cc95a9621d5584d6e7e334d7d2bc1d6d432a376ca566

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 330034
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Feb 2023 12:39:26 GMT
Server: cloudflare
ETag: W/"63fca47e-1f25"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUmTL81uS1Jzhfq4BJCwHeBbNjFM5InViI%2F7YHGC8fkesiQq3dUaiaXa20swrP75IKtbt0FhHfuzG78WfX3inRhh%2B5mI0FtXrZcrCbDTDst78%2FHdmvSwWiwfaSO%2BgU%2B1tI1tJSmtxA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
CF-RAY: 7c4a90c4da513642-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 248ms
115ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

/

Resource Hash

fab231fbfc156c6195e0fa7e07d5effaa4d6cf51f8d91d3b4a77d116c693b927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:17:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-122f1"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74481
expires: Tue, 09 May 2023 15:17:21 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ProximaNova-Bold.woff
play-game-vulcan.vip/wp-content/themes/2444/fonts/ 51 KB
52 KB 47ms
47ms Font
font/woff 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/fonts/ProximaNova-Bold.woff
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/wp-content/themes/2444/css/style.css?v=2.81683641837
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1

Request headers

Referer: http://play-game-vulcan.vip/wp-content/themes/2444/css/style.css?v=2.81683641837
Origin: http://play-game-vulcan.vip
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 52068
Last-Modified: Mon, 27 Feb 2023 12:41:07 GMT
Server: cloudflare
ETag: "63fca4e3-cb64"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ntBcGcXORsWcP%2BmwY6Ux8ED5932e9soO%2B80RASb6eLYtl6pAFNW765cXNz4AuY1Bb%2BXmu2nxZityLDChqpcBrE4xDtUmAfoWUapL4HiXOw670%2FlGqK1yISIJ0xlSZ8THezE4cHbDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7c4a90c53c448fd4-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main_back1.jpg
play-game-vulcan.vip/wp-content/themes/2444/img/ 34 KB
35 KB 44ms
44ms Image
image/jpeg 104.21.64.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://play-game-vulcan.vip/wp-content/themes/2444/img/main_back1.jpg
Requested by: Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/
Protocol: HTTP/1.1
Server: 104.21.64.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fdce65714dfe8d841916bdfd3539c53d915b1aedd498cc8efa163abc468935e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 14:17:21 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35133
Last-Modified: Mon, 27 Feb 2023 12:39:26 GMT
Server: cloudflare
ETag: "63fca47e-893d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh%2B8cWXO6xHNlFP0LYCOwYa9N%2ByflQWnIM56qYU7rW3T5y%2B8n0GoaxyQQpoLW6NN4%2FnH1BtfdhbhDEp8XBenDkrDbekxXiPDHIXDNNcjgKGDyyIB0rSRpqf%2BgFMwxmiPcMSedIslVw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
CF-RAY: 7c4a90c57c915bdd-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.3cgMVSTpa_G9Owr-y0qzlWSRxaPvCTlYKuxRuDidGPzlv6zfZL94u581NxqA0RgZ.Js61aSHJbiIgG4k9tiYZusV_CA4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9992.7E3lMoNdCsGWsH0cPd_MtM2Bwt6Ap4KsKqNE0R_pJDcGzMSxQ1VD85AFVoqDVoTOgQzESHVa2uDTpNkdDMPM2hX-m8oNaSlPxAhTy2SFc2c%2C.AXnTqVJ7Pvi2ar8S3d1sh93O3Pk%2C

43 B
67 B

66ms
66ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9992.7E3lMoNdCsGWsH0cPd_MtM2Bwt6Ap4KsKqNE0R_pJDcGzMSxQ1VD85AFVoqDVoTOgQzESHVa2uDTpNkdDMPM2hX-m8oNaSlPxAhTy2SFc2c%2C.AXnTqVJ7Pvi2ar8S3d1sh93O3Pk%2C

Requested by

Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/

Protocol

H2

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

/

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:17:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9992.7E3lMoNdCsGWsH0cPd_MtM2Bwt6Ap4KsKqNE0R_pJDcGzMSxQ1VD85AFVoqDVoTOgQzESHVa2uDTpNkdDMPM2hX-m8oNaSlPxAhTy2SFc2c%2C.AXnTqVJ7Pvi2ar8S3d1sh93O3Pk%2C
date: Tue, 09 May 2023 14:17:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 62ms
59ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: play-game-vulcan.vip
URL: http://play-game-vulcan.vip/casino/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

/

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:17:21 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 09 May 2023 15:17:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/82249825/
Redirect Chain

https://mc.yandex.com/watch/82249825?wmode=7&page-url=http%3A%2F%2Fplay-game-vulcan.vip%2Fcasino%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A1381%3Afu%3A0...
https://mc.yandex.com/watch/82249825/1?wmode=7&page-url=http%3A%2F%2Fplay-game-vulcan.vip%2Fcasino%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A1381%3Afu%3...

435 B
738 B

66ms
66ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/82249825/1?wmode=7&page-url=http%3A%2F%2Fplay-game-vulcan.vip%2Fcasino%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A1381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1631168802257%3Ahid%3A397879338%3Az%3A0%3Ai%3A20230509141721%3Aet%3A1683641842%3Ac%3A1%3Arn%3A1049823278%3Arqn%3A1%3Au%3A16836418423795477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C447%2C3%2C589%2C0%2C%2C100%2C24%2C%2C%2C%2C1140%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683641840325%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683641842%3At%3ASol%20Casino%20%28%D0%A1%D0%BE%D0%BB%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%29%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

H2

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

/

Resource Hash

112af7cf95c4ca448a7782ddbdf36e70c1a27cef42d64dd9c69e3191609829cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 14:17:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 09-May-2023 14:17:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://play-game-vulcan.vip
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Tue, 09-May-2023 14:17:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 14:17:22 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-May-2023 14:17:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/82249825/1?wmode=7&page-url=http%3A%2F%2Fplay-game-vulcan.vip%2Fcasino%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A1381%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1631168802257%3Ahid%3A397879338%3Az%3A0%3Ai%3A20230509141721%3Aet%3A1683641842%3Ac%3A1%3Arn%3A1049823278%3Arqn%3A1%3Au%3A16836418423795477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C447%2C3%2C589%2C0%2C%2C100%2C24%2C%2C%2C%2C1140%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1683641840325%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683641842%3At%3ASol%20Casino%20%28%D0%A1%D0%BE%D0%BB%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%29%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%BC%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://play-game-vulcan.vip
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 09-May-2023 14:17:22 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.pFof4nIkJIEO_-UmRcduUUtc8VFvLkOx-sDxqjGOBlQvsCdEssUzG9ouqmEZhTga.NNZVnd0Fo64S9Dq7d1okXysc3pQ%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.z6id_KpEmQUenC-0mxtXgfaB6SvKEIuSLLdar9qJtWVV6yekzNdIPG7fqmdQOv36eeqwggSvQAvUONvBO19KqmvQP8BFrsYQ8FymX584zJk%2C.Gu43oh8_D8Z7zlxsGS...

43 B
79 B

65ms
65ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.z6id_KpEmQUenC-0mxtXgfaB6SvKEIuSLLdar9qJtWVV6yekzNdIPG7fqmdQOv36eeqwggSvQAvUONvBO19KqmvQP8BFrsYQ8FymX584zJk%2C.Gu43oh8_D8Z7zlxsGSUDsxQE0FY%2C

Protocol

H2

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

/

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://play-game-vulcan.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:17:22 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.z6id_KpEmQUenC-0mxtXgfaB6SvKEIuSLLdar9qJtWVV6yekzNdIPG7fqmdQOv36eeqwggSvQAvUONvBO19KqmvQP8BFrsYQ8FymX584zJk%2C.Gu43oh8_D8Z7zlxsGSUDsxQE0FY%2C
date: Tue, 09 May 2023 14:17:22 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| ym string| original_image_src function| $ function| jQuery function| _extends function| _typeof object| myLazyLoad function| LazyLoad object| Ya object| yaCounter82249825

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.play-game-vulcan.vip/	1970-01-20 20:26:17	Name: _ym_uid Value: 16836418423795477
			.play-game-vulcan.vip/	1970-01-20 20:26:17	Name: _ym_d Value: 1683641842
			.play-game-vulcan.vip/	1970-01-20 11:41:53	Name: _ym_isad Value: 2
			.mc.yandex.com/	1970-01-20 11:40:42	Name: sync_cookie_csrf Value: 3034182739fake
			.mc.yandex.ru/	1970-01-20 11:40:42	Name: sync_cookie_csrf Value: 607138912fake
			mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 725970311683641842
			.yandex.com/	1970-01-20 21:16:41	Name: i Value: +SxdZIAOJP1/zWJTwAE2RBZASK9d3d1CU4P6k11ZTuajCU/efaBgLMuVJYfdavl0wv33zk7etEIHVgHZlWT3GmqNWOI=
			.yandex.com/	1970-01-20 21:16:41	Name: yandexuid Value: 5721474161683641842
			.yandex.com/	1970-01-20 20:26:17	Name: yuidss Value: 5721474161683641842
			.yandex.com/	1970-01-20 20:26:17	Name: ymex Value: 1715177842.yc.1683641842#1715177842.yrts.1683641842#1715177842.yrtsi.1683641842

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Black.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://play-game-vulcan.vip/casino/ Message: The resource http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://play-game-vulcan.vip/casino/ Message: The resource http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Black.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://play-game-vulcan.vip/casino/ Message: The resource http://play-game-vulcan.vip/casino/THEME_DIR/fonts/ProximaNova-Regular.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
play-game-vulcan.vip
104.21.64.139
172.67.151.54
2a00:1450:4001:82f::200a
2a02:6b8::1:119
112af7cf95c4ca448a7782ddbdf36e70c1a27cef42d64dd9c69e3191609829cc
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fdce65714dfe8d841916bdfd3539c53d915b1aedd498cc8efa163abc468935e
61bae083340427d1181ec52138d3e61c49ccdfb21a6f2b0471637cfd7ff26e6c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b
99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1
9fb782c7644641bea62c28a8d94031514416662e2c4b888ba3f356bbe535351f
a16893f052809f092bed1d4157983cffd524b34a65892e4c4b99cb77232cad3c
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
b04b1a74a99c0602daec67b289658cea56d95f7c3f0fb8fce73bb8e6e728cbb6
d4156a274d5923e9bdcfd355b9bd3f01c06ad065d4462807af7efa2a2dd05799
e08c195ba3bbb4c16dc21996a98a383263fdda5b5607e054014ca16ec6c3a79a
e5e3feead7d6d918118739f219f07d13e0a7afbc2b7a64cef55ff9a323ab9eb6
ea0bff4c09b2d825e704cc95a9621d5584d6e7e334d7d2bc1d6d432a376ca566
f37ba06392bca4b3f5f6ef95c05ca677abe3e4515be0b41d71cebdc0806d5c98
fab231fbfc156c6195e0fa7e07d5effaa4d6cf51f8d91d3b4a77d116c693b927