urlscan.io logo urlscan.io
SecurityTrails logo

dknation.draftkings.com Open in urlscan Pro
151.101.1.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://is.gd/Un3Fl3
Effective URL: https://dknation.draftkings.com/users/onlinecasino_
Submission: On March 02 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 17 HTTP transactions. The main IP is 151.101.1.52, located in United States and belongs to FASTLY, US. The main domain is dknation.draftkings.com. The Cisco Umbrella rank of the primary domain is 261022.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.
This is the only time dknation.draftkings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 151.101.1.52 54113 (FASTLY)
2 151.101.65.52 54113 (FASTLY)
2 139.177.192.140 63949 (LINODE-AP...)
1 199.232.196.124 54113 (FASTLY)
1 199.232.194.217 54113 (FASTLY)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 164.90.137.199 14061 (DIGITALOC...)
17 12
1    2606:4700:20::6819:ea35 (United States)

ASN13335 (CLOUDFLARENET, US)
is.gd
2    151.101.1.52 (United States)

ASN54113 (FASTLY, US)
dknation.draftkings.com
2    151.101.65.52 (United States)

ASN54113 (FASTLY, US)
www.sbnation.com
2    139.177.192.140 (Toronto, Canada)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 139-177-192-140.ip.linodeusercontent.com
go.metabet.io
1    199.232.196.124 (United States)

ASN54113 (FASTLY, US)
cdn.vox-cdn.com
1    199.232.194.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
3    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:f7::5c7b:e01b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a02:26f0:fb::5f64:9969 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.draftkings.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    164.90.137.199 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
metabet.static.api.areyouwatchingthis.com
Apex Domain
Subdomains		 Transfer
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 427
p.typekit.net — Cisco Umbrella Rank: 527
56 KB
3 draftkings.com
dknation.draftkings.com — Cisco Umbrella Rank: 261022
www.draftkings.com — Cisco Umbrella Rank: 87786
86 KB
2 gstatic.com
fonts.gstatic.com
34 KB
2 metabet.io
go.metabet.io — Cisco Umbrella Rank: 27778
62 KB
2 sbnation.com
www.sbnation.com — Cisco Umbrella Rank: 33967
67 KB
1 areyouwatchingthis.com
metabet.static.api.areyouwatchingthis.com — Cisco Umbrella Rank: 44930
283 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1023 B
1 scroll.com
static.scroll.com — Cisco Umbrella Rank: 5006
7 KB
1 vox-cdn.com
cdn.vox-cdn.com — Cisco Umbrella Rank: 8826
103 KB
1 is.gd
is.gd — Cisco Umbrella Rank: 72181
498 B
17 10
Domain Requested by
3 use.typekit.net dknation.draftkings.com
use.typekit.net
2 fonts.gstatic.com fonts.googleapis.com
2 go.metabet.io dknation.draftkings.com
go.metabet.io
2 www.sbnation.com dknation.draftkings.com
2 dknation.draftkings.com cdn.vox-cdn.com
1 metabet.static.api.areyouwatchingthis.com go.metabet.io
1 www.draftkings.com www.sbnation.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com dknation.draftkings.com
1 static.scroll.com dknation.draftkings.com
1 cdn.vox-cdn.com dknation.draftkings.com
1 is.gd 1 redirects
17 12
Subject Issuer Validity Valid
dknation.draftkings.com
R3		 2022-02-15 -
2022-05-16		 3 months crt.sh
*.sbnation.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-19 -
2022-05-21		 a year crt.sh
areyouwatchingthis.com
R3		 2021-12-26 -
2022-03-26		 3 months crt.sh
*.vox-cdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-19 -
2022-05-21		 a year crt.sh
*.scroll.com
R3		 2022-02-26 -
2022-05-27		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
api.draftkings.com
R3		 2022-02-28 -
2022-05-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dknation.draftkings.com/users/onlinecasino_
Frame ID: 949495F3E63384DE7069EAD33904DDDE
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

onlinecasino_ Profile and Activity - DraftKings Nationclockmenumore-arrownoyesSearchHorizontal - WhiteHorizontal - WhiteVox Media

Page URL History Show full URLs

  1. https://is.gd/Un3Fl3 HTTP 301
    https://dknation.draftkings.com/users/onlinecasino_ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta data-chorus-version=
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

415 kB
Transfer

1365 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/Un3Fl3 HTTP 301
    https://dknation.draftkings.com/users/onlinecasino_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request onlinecasino_
dknation.draftkings.com/users/
Redirect Chain
  • https://is.gd/Un3Fl3
  • https://dknation.draftkings.com/users/onlinecasino_
82 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
caff3630f63773cfcb3519641bdf5f61c15924f4420d95a139f42c0f476ed3d3
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=31556952; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
nginx
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
cache-control
max-age=60, public, must-revalidate
etag
W/"caff3630f63773cfcb3519641bdf5f61"
x-request-id
d9b52494567f2b713e6f93954155378d12db6653
x-runtime
0.190938
strict-transport-security
max-age=31556952; preload
content-encoding
br
accept-ranges
bytes
date
Wed, 02 Mar 2022 15:42:13 GMT
via
1.1 varnish
age
34
x-served-by
cache-ams21050-AMS
x-cache
HIT
x-cache-hits
1
x-timer
S1646235733.379063,VS0,VE1
vary
Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
content-length
22231

Redirect headers

date
Wed, 02 Mar 2022 15:42:13 GMT
content-type
text/html; charset=UTF-8
location
https://dknation.draftkings.com/users/onlinecasino_
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tz1SeKH7o7%2BIxxJjH14ZNXbEmctDK%2B9ntlhRD2rzOWoG%2BR1UE85bIhLfLFTS0qvL0Wf%2FDFGWCNLe5ciY%2B35Mhi7TshQvUgI78nFrZXjB%2FXiLX1DZfkraaCpmzMMhIR2Ug6k"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e5b3db4a8289261-FRA
chorus.css
www.sbnation.com/style/community/763/ccdaa13b7c73df0f78f7d129e3eee83d/ 		455 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sbnation.com/style/community/763/ccdaa13b7c73df0f78f7d129e3eee83d/chorus.css
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
822d849497630c4bb08b9de8f36aecf8f3ce4e795bca269ecc7ada993f426d62
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556952; preload
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
154445
x-cache
HIT
content-length
60330
x-xss-protection
1; mode=block
x-request-id
a4b1d062aba45749360b3f3f30d39dba21c40a50
x-served-by
cache-ams21022-AMS
x-runtime
0.264712
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-timer
S1646235733.442670,VS0,VE1
x-frame-options
SAMEORIGIN
date
Wed, 02 Mar 2022 15:42:13 GMT
x-download-options
noopen
vary
Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
max-age=31556952, public, must-revalidate
etag
W/"822d849497630c4bb08b9de8f36aecf8"
accept-ranges
bytes
x-cache-hits
1
global.js
go.metabet.io/js/ 		238 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.metabet.io/js/global.js?siteID=draftkings-light:dknation
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.192.140 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
139-177-192-140.ip.linodeusercontent.com
Software
Apache/2.4.37 (rocky) /
Resource Hash
592a9c05660695da222c9702671bd3bfd153b23a77bf7d1c5156de72b8e492e1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:32:09 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky)
age
604
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300, public, must-revalidate
accept-ranges
bytes
content-length
49501
large.png
www.sbnation.com/images/sbn/placeholders/profile/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sbnation.com/images/sbn/placeholders/profile/large.png
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e7db2472a7b9c137fcec96acf45c13d9619a53b528b1a09aa43da79532f74f9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:13 GMT
via
1.1 varnish
age
1953685
x-cache
HIT
x-cache-hits
1
content-length
7504
x-served-by
cache-ams21022-AMS
last-modified
Mon, 07 Feb 2022 20:29:40 GMT
server
nginx
x-timer
S1646235733.442807,VS0,VE1
etag
"62018134-1d50"
vary
Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
chorus-edf49eb13a6c77a4c3a4.js
cdn.vox-cdn.com/packs/js/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vox-cdn.com/packs/js/chorus-edf49eb13a6c77a4c3a4.js
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95ce9858e79caa9483e6523cd565d092287e0a2b287311a76059e5af672ef0b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dknation.draftkings.com/
Origin
https://dknation.draftkings.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:13 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2070
via
1.1 varnish
x-cache
HIT
content-length
104575
x-amz-id-2
lquExgKcVxDlQrXHO96iua/7V0sj3kvGvo0iuUyWGu2aAXcDEGY7yFXsnzuynb5dlcKbxcc7giI=
x-served-by
cache-ams21067-AMS
last-modified
Mon, 28 Feb 2022 17:57:58 GMT
server
AmazonS3
x-timer
S1646235733.448994,VS0,VE0
etag
"d137446ab8b5b4323a217a4de10c3333"
strict-transport-security
max-age=31536000
x-amz-request-id
S33XSJ6AH5317X9V
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
53
scroll.js
static.scroll.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ee14cb5ce7f59fb3240804e38e3f3a91410e06e5b9db9a06896b13d43b35450d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:13 GMT
content-encoding
gzip
age
46853
x-guploader-uploadid
ADPycduj85Ynxxl5YxymqyJxgpXVTLrOb6rwDXtz_fBfSjycRc2nx9R_yYMu_ciw_gqQ7x4S_j2UPy3Z2rIVvL6HSAGF68hvQA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
6179
x-served-by
cache-ams21030-AMS
last-modified
Thu, 10 Feb 2022 20:41:36 GMT
server
UploadServer
x-timer
S1646235733.445146,VS0,VE0
etag
"f20f2951c04539ed9ce875f6a479938e"
vary
Origin
x-goog-hash
crc32c=rbs4SA==, md5=8g8pUcBFOe2c6HX2pHmTjg==
x-goog-generation
1644525696132501
via
1.1 varnish
expires
Thu, 17 Feb 2022 02:41:14 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6179
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
10384
kor4zsv.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/kor4zsv.css
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d008e0bf8ee9867fd22c051c899eae4e64cfc43decd37aba47e102b14948d68a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 02 Mar 2022 15:42:13 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
935
css2
fonts.googleapis.com/ 		3 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@400;500;700&display=swap
Requested by
Host: dknation.draftkings.com
URL: https://dknation.draftkings.com/users/onlinecasino_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c743f3de1b7de4990aee6865caf32c85e004a4c6a4088810a0588e0af97d6c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 15:42:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Mar 2022 15:42:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Mar 2022 15:42:13 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=kor4zsv&ht=tk&f=14032.14033.14034.14035.31373.31391.31404&a=340598&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kor4zsv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:13 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
user_context
dknation.draftkings.com/services/ 		915 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dknation.draftkings.com/services/user_context?privacy=true
Requested by
Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/chorus-edf49eb13a6c77a4c3a4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
187b0d1faea4422666c506cfa6af151d0cb687d0f60751f8b9b413a206dad4bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dknation.draftkings.com/users/onlinecasino_
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556952; preload
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
306
x-cache
HIT
content-length
440
x-xss-protection
1; mode=block
x-request-id
2787a1f1fbfdf5517346f5d08d8bc8d05f0b0266
x-served-by
cache-ams21050-AMS
x-runtime
0.036443
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-timer
S1646235734.514693,VS0,VE1
x-frame-options
SAMEORIGIN
date
Wed, 02 Mar 2022 15:42:13 GMT
x-download-options
noopen
vary
Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
max-age=900, public, must-revalidate
etag
W/"187b0d1faea4422666c506cfa6af151d"
accept-ranges
bytes
x-cache-hits
1
truncated
/ 		46 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aae6549753eb3dc6cf108c8b665bfb0a45419ee7358064f86a07cac3a0361f4c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
marquee-bg@2x.png
www.draftkings.com/_static/_raptor/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.draftkings.com/_static/_raptor/images/marquee-bg@2x.png?1
Requested by
Host: www.sbnation.com
URL: https://www.sbnation.com/style/community/763/ccdaa13b7c73df0f78f7d129e3eee83d/chorus.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
885e4d6f30a57cfd3ae1febb158bd66cb64cf383f40798c7c81bf29a8f53087a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.sbnation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:14 GMT
last-modified
Mon, 28 Feb 2022 20:51:50 GMT
etag
"037fe1e52cd81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=3600
accept-ranges
bytes
content-length
63569
EJRLQgErUN8XuHNEtX81i9TmEkrnGc5Q962f.woff2
fonts.gstatic.com/s/sairacondensed/v10/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sairacondensed/v10/EJRLQgErUN8XuHNEtX81i9TmEkrnGc5Q962f.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13c457741d5837f87a0d7181cf3c7cf01c2b41078ba60600600bf9ee81e8841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dknation.draftkings.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:59:00 GMT
x-content-type-options
nosniff
age
585793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16820
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 20:59:00 GMT
EJRLQgErUN8XuHNEtX81i9TmEkrnUchQ962f.woff2
fonts.gstatic.com/s/sairacondensed/v10/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sairacondensed/v10/EJRLQgErUN8XuHNEtX81i9TmEkrnUchQ962f.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbaad9c190c779989337205ddaa8463870d47f2f868ab3b3da8efa5dac8e91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dknation.draftkings.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 21:00:15 GMT
x-content-type-options
nosniff
age
585718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16952
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:00 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 21:00:15 GMT
l
use.typekit.net/af/affdf5/00000000000000003b9b0328/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/affdf5/00000000000000003b9b0328/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kor4zsv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
17a7835e0ec7407fcb31018695cac033953a31f0d1d14f2f36365fa6157a75ec

Request headers

Referer
https://use.typekit.net/kor4zsv.css
Origin
https://dknation.draftkings.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:13 GMT
server
nginx
etag
"7b3ae799e5f61a91796c2692c8ca8d77ade2a4ca"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27584
l
use.typekit.net/af/b5ce2a/00000000000000003b9b032d/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b5ce2a/00000000000000003b9b032d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kor4zsv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b703f8ada2f2fcf7dd2e3404c2ee2c404c6a2522575bbd72ece0c8b8fb1b2c7e

Request headers

Referer
https://use.typekit.net/kor4zsv.css
Origin
https://dknation.draftkings.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:13 GMT
server
nginx
etag
"e9048205df986c3c9769789ccacee29ac555327b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27764
main.css
go.metabet.io/css/ 		90 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.metabet.io/css/main.css?siteID=draftkings-light&v=20210618
Requested by
Host: go.metabet.io
URL: https://go.metabet.io/js/global.js?siteID=draftkings-light:dknation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.177.192.140 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
139-177-192-140.ip.linodeusercontent.com
Software
Apache/2.4.37 (rocky) /
Resource Hash
ae85b359a0a61ef814a9e527d3bda004f5ba0568329f9df4b78696cccbab864c

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:30:52 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky)
age
681
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=300, public, must-revalidate
accept-ranges
bytes
content-length
13296
odds.json
metabet.static.api.areyouwatchingthis.com/api/ 		77 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metabet.static.api.areyouwatchingthis.com/api/odds.json?apiKey=219f64094f67ed781035f5f7a08840fc&q=
Requested by
Host: go.metabet.io
URL: https://go.metabet.io/js/global.js?siteID=draftkings-light:dknation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.90.137.199 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.37 (rocky) /
Resource Hash
6a071de3fb0250de3443316c44aed0d4caa280d92249648b17a321ec2a69efbf

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://dknation.draftkings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:42:14 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky)
age
0
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=5, public, must-revalidate
accept-ranges
bytes
content-length
94

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| chorusInitQueue string| volume_embed_host object| Chorus object| dataLayer function| VoxMediaFontLoader object| Scroll object| webpackJsonp object| Initializer object| Context function| setImmediate function| clearImmediate function| Subtags function| chorus_lazy_assets object| DynamicImages function| __handleRecaptchaLoad function| fetchChorusAuthJWT number| RUWT_BASE_BET number| RUWT_BEST_ODD_MATCH_SENSITIVITY object| RUWT_DETAIL_HIDE_TIMEOUT boolean| RUWT_ENABLE_OUTBOUND_LINKS boolean| RUWT_ENABLE_ATTRIBUTION_LINKS boolean| RUWT_ENABLE_GENERIC_TEAM_LOGOS boolean| RUWT_ODDS_BOARD_SHOW_IN_PROGRESS_GAMES string| RUWT_HERO_URL string| RUWT_SEE_ALL_LINES_URL string| RUWT_HOSTED_HOST boolean| RUWT_BUBBLE_TEASE_SHOW_ICON boolean| RUWT_BUBBLE_TEASE_SHOW_SPREAD boolean| RUWT_BUBBLE_MATCH_FULL_TEAM_NAME object| RUWT_TEAM_DATA string| RUWT_SITE_ID string| RUWT_SUB_SITE_ID string| RUWT_REDIRECT_URL boolean| RUWT_SITE_FAMILY_CATENA boolean| RUWT_SITE_FAMILY_GIG boolean| RUWT_SITE_FAMILY_VOX number| RUWT_STALE_ODDS_CUTOFF object| RUWT_SCORE_STRIP_INTERVAL function| mb_insertOddsBubbles function| mb_bubbleOver function| mb_bubbleLeave function| mb_bubbleClick function| mb_insertOddsValues function| mb_insertAdTilePlacements function| mb_insertAutoAdTiles function| mb_insertGameTiles function| mb_insertOddsCompare function| mb_insertVideoTiles function| mb_insertSideOddsTiles function| mb_createTileHeader function| mb_createTileFooter function| mb_addAdTileSizeModifiers function| mb_insertOddsBoard object| MB_ODDS_BOARD_DATA object| MB_ODDS_BOARD_ROUND_DATA function| mb_getOddsBoardData function| mb_paintOddsBoard function| mb_populateOddsBoardCell function| mb_populateOddsBoardMarkets function| mb_insertParlayCalculator function| mb_buildParlayCalculator object| MB_PARLAY_CALCULATOR_GAMES_DATA function| mb_loadParlayGames function| mb_paintParlayGames function| mb_paintParlaySelections function| mb_paintParlayWinnings function| mb_getSelectedParlayProvider function| mb_selectParlayProvider function| mb_getParlaySelections function| mb_createWagerHash function| mb_addWagerToParlay function| mb_removeWagerFromParlay function| mb_removeAllWagersFromParlay function| mb_isWagerInParlay function| mb_insertSideOddBrowser function| mb_loadSideOddBrowserMarkets function| mb_insertFuturesBoard object| MB_FUTURES_BOARD_DATA object| MB_FUTURES_BOARD_PLAYERS object| MB_FUTURES_BOARD_TEAMS object| MB_FUTURES_BOARD_GAMES function| mb_getFuturesBoardData function| mb_paintFuturesBoard function| mb_populateFuturesBoardCell function| mb_rewriteEntityURLs function| mb_insertSideOddsTable function| mb_loadSideOddsTableMarkets function| mb_populateBetRedirectTracking function| mb_trackRender function| mb_trackCustomization function| mb_trackClick function| mb_track function| mb_createLocationSelector object| mb_autoCompleteData object| mb_selectedAutoCompleteItem function| mb_enableAutoComplete function| mb_selectAutoCompleteItem function| mb_getBestGameOdds function| mb_getCurrentLocation function| mb_setLocation function| mb_getProvidersForLocation function| mb_isProviderDisabled function| mb_getProviderPromo function| mb_getProviderLogo function| mb_supportsBetSlipIntegration function| mb_getTeamLogo function| mb_getTeamLogoURL function| mb_createBetRedirect function| mb_createProviderRedirect function| mb_getVoxMetadataTags function| mb_getVoxAdConfigData function| mb_isSiteOrSubSite function| mb_formatWithSign function| mb_formatSpread function| mb_moneyLineWinnings function| mb_stylePrice function| frac function| mb_formatFractionFromPrice function| mb_formatMoneyLineWinningsFromPrice function| mb_moneyLineFromPrice function| mb_formatMoneyLineFromPrice function| mb_getJSON function| mb_getRawText function| mb_emptyElement function| mb_shuffleArray function| DAILY_GAME_SORT function| mb_getTeamDisplayName function| mb_getTeamFullName function| mb_getAwayTeamDisplayName function| mb_getHomeTeamDisplayName function| mb_getAwayTeamShortName function| mb_getHomeTeamShortName function| mb_getAwayTeamFullName function| mb_getHomeTeamFullName function| mb_getPlayerName function| mb_getUpcomingDateTime function| mb_getShortDate function| mb_getShortTime function| mb_getTimeLeftCompact function| mb_hasIndividualCompetitors function| mb_hasGameStarted function| mb_isGameFinished function| mb_createResizeObservers function| mb_DOMContentLoaded

3 Cookies

Domain/Path Name / Value
dknation.draftkings.com/ Name: _chorus_geoip_continent
Value: EU
dknation.draftkings.com/ Name: chorus_preferences
Value: {%22v%22:1%2C%22privacy%22:{%22cookies%22:%22none%22%2C%22doNotSell%22:false}}
.dknation.draftkings.com/ Name: vmidv1
Value: f12434eb-d4a1-4db0-89eb-657566a5519c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=31556952; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.vox-cdn.com
dknation.draftkings.com
fonts.googleapis.com
fonts.gstatic.com
go.metabet.io
is.gd
metabet.static.api.areyouwatchingthis.com
p.typekit.net
static.scroll.com
use.typekit.net
www.draftkings.com
www.sbnation.com
139.177.192.140
151.101.1.52
151.101.65.52
164.90.137.199
199.232.194.217
199.232.196.124
2606:4700:20::6819:ea35
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a02:26f0:6c00::210:ba0a
2a02:26f0:f7::5c7b:e01b
2a02:26f0:fb::5f64:9969
17a7835e0ec7407fcb31018695cac033953a31f0d1d14f2f36365fa6157a75ec
187b0d1faea4422666c506cfa6af151d0cb687d0f60751f8b9b413a206dad4bd
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e7db2472a7b9c137fcec96acf45c13d9619a53b528b1a09aa43da79532f74f9
592a9c05660695da222c9702671bd3bfd153b23a77bf7d1c5156de72b8e492e1
6a071de3fb0250de3443316c44aed0d4caa280d92249648b17a321ec2a69efbf
822d849497630c4bb08b9de8f36aecf8f3ce4e795bca269ecc7ada993f426d62
885e4d6f30a57cfd3ae1febb158bd66cb64cf383f40798c7c81bf29a8f53087a
95ce9858e79caa9483e6523cd565d092287e0a2b287311a76059e5af672ef0b5
aae6549753eb3dc6cf108c8b665bfb0a45419ee7358064f86a07cac3a0361f4c
ae85b359a0a61ef814a9e527d3bda004f5ba0568329f9df4b78696cccbab864c
b703f8ada2f2fcf7dd2e3404c2ee2c404c6a2522575bbd72ece0c8b8fb1b2c7e
c743f3de1b7de4990aee6865caf32c85e004a4c6a4088810a0588e0af97d6c8d
caff3630f63773cfcb3519641bdf5f61c15924f4420d95a139f42c0f476ed3d3
d008e0bf8ee9867fd22c051c899eae4e64cfc43decd37aba47e102b14948d68a
e13c457741d5837f87a0d7181cf3c7cf01c2b41078ba60600600bf9ee81e8841
ee14cb5ce7f59fb3240804e38e3f3a91410e06e5b9db9a06896b13d43b35450d
fbaad9c190c779989337205ddaa8463870d47f2f868ab3b3da8efa5dac8e91b6