Submitted URL: http://bet-login-gh.com/
Effective URL: https://bet-login-gh.com/
Submission Tags: threatview.io malwar3ninja rule: suspicious named domain automated-submission Search All
Submission: On October 21 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3033::6815:2b71, located in United States and belongs to CLOUDFLARENET, US. The main domain is bet-login-gh.com.
TLS certificate: Issued by WE1 on October 14th 2024. Valid for: 3 months.
This is the only time bet-login-gh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
9 172.67.178.140 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.40 15169 (GOOGLE)
18 7
Apex Domain
Subdomains
Transfer
12 bet-login-gh.com
bet-login-gh.com
419 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
274 KB
18 3
Domain Requested by
12 bet-login-gh.com bet-login-gh.com
3 www.googletagmanager.com bet-login-gh.com
www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
18 4

This site contains links to these domains. Also see Links.

Domain
littlelnk.com
azscore.com
Subject Issuer Validity Valid
bet-login-gh.com
WE1
2024-10-14 -
2025-01-12
3 months crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://bet-login-gh.com/
Frame ID: F334D014484514E4306C54768B5D59BA
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Create and open betting account: sign up and login tips in Ghana

Page URL History Show full URLs

  1. http://bet-login-gh.com/ HTTP 307
    https://bet-login-gh.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

7
IPs

2
Countries

715 kB
Transfer

1541 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bet-login-gh.com/ HTTP 307
    https://bet-login-gh.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bet-login-gh.com/
Redirect Chain
  • http://bet-login-gh.com/
  • https://bet-login-gh.com/
200 KB
45 KB
Document
General
Full URL
https://bet-login-gh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2b71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa0f7cb3f15d92131681d7ba4eef129169f4f8f2adffdd64b7f9104df1e4af6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d5dd4bc2d62381b-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 21 Oct 2024 02:31:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://bet-login-gh.com/wp-json/>; rel="https://api.w.org/" <https://bet-login-gh.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkNqZeKFvkpV%2FZSUM2hjMKXeg39gdzsZu8S2MLLGrZzfWlqaDNj7%2BgIxN4%2FVJU9dcg5MFdUbuvs1rWEAPJQBohBbA76TylhTtDiaae3xxSMvr%2Bj4mIpBhEqHq4Fb3ES85R%2BC4GJpmB6LE6M53K2Z"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=39170&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3976&recv_bytes=2287&delivery_rate=100131&cwnd=253&unsent_bytes=0&cid=7bc0e8d1e822ca42&ts=655&x=0"
vary
accept-encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://bet-login-gh.com/
Non-Authoritative-Reason
HttpsUpgrades
lazy_placeholder.gif
bet-login-gh.com/wp-content/plugins/a3-lazy-load/assets/images/
42 B
535 B
Image
General
Full URL
https://bet-login-gh.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2b71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5e3c2766-2a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EXnmax6Hfj%2BrDh8PMhmGW2iCmBiD0O6bmeMM8dPpDamr9t6tqrMrejyN4ns1V1az4EmgZfViOhVTP0cXjKT%2FWn7nVffV6SBeJGeryJ7bZW2bRNHqvjUf5VmIQ8DJC9afXfpgY6T4GMOXGh4rr7%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8d5dd4c08f3c381b-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=39031&sent=59&recv=40&lost=0&retrans=0&sent_bytes=51177&recv_bytes=2882&delivery_rate=1490210&cwnd=257&unsent_bytes=0&cid=7bc0e8d1e822ca42&ts=762&x=0"
content-length
42
date
Mon, 21 Oct 2024 02:31:22 GMT
content-type
image/gif
last-modified
Thu, 06 Feb 2020 14:49:10 GMT
vary
Accept-Encoding
server
cloudflare
lazysizes.min.js
bet-login-gh.com/wp-content/plugins/autoptimize/classes/external/js/
10 KB
5 KB
Script
General
Full URL
https://bet-login-gh.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.4
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2b71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"60c1e1e3-2655"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AqLielYyZ0%2Be8%2Bh%2Btd8t1K9P5gLfUYPim3OmnAKgzpAq71HNLi8dnhHdvu756TQ2icVemPi%2F4%2FffF7iXSGka%2BnvgACulYFKjLZl1A5sBkMFg3P4t95HHYsp5BUXFVf0B1Ixu9XwkmZqJ3F70x5G"}],"group":"cf-nel","max_age":604800}
cf-ray
8d5dd4c08f3e381b-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=39031&sent=62&recv=40&lost=0&retrans=0&sent_bytes=51778&recv_bytes=2882&delivery_rate=1490210&cwnd=257&unsent_bytes=0&cid=7bc0e8d1e822ca42&ts=764&x=0"
date
Mon, 21 Oct 2024 02:31:22 GMT
content-type
application/javascript
last-modified
Thu, 10 Jun 2021 09:56:51 GMT
vary
Accept-Encoding
server
cloudflare
autoptimize_44728539327fab220bcbe7f550f0db1a.php
bet-login-gh.com/wp-content/cache/autoptimize/
196 KB
61 KB
Script
General
Full URL
https://bet-login-gh.com/wp-content/cache/autoptimize/autoptimize_44728539327fab220bcbe7f550f0db1a.php
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82eb6f02705ab533b8e12ffc86f6062146a12406a408ccb4f5695bd49db465ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
30e043a1d04c02be81027f787dfdd3db
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ks0VEf9Z%2BQhQTODToKqdbrojWtbUtedEJQ%2BjofEeM%2BC7gncNIAF%2FopnmORL%2BZIVUz%2BMv51V8XdbgPooybfY8tOXuIRi8tFW2tM3rcV19M%2B4CaNfUy1LT%2F2ODAc4IFMHrqTTM"}],"group":"cf-nel","max_age":604800}
expires
Sat, 11 Oct 2025 02:31:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39391&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4206&recv_bytes=4557&delivery_rate=84256&cwnd=12000&unsent_bytes=0&cid=2038304c242fec8f&ts=75&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 00:05:46 GMT
priority
u=3,i=?0
cache-control
max-age=30672000, public, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c0e92dd9d6-FRA
content-length
61455
server
cloudflare
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be20f4bb4cff6e8bc364dd59e01b637aadf79af04bca3446081b1fc502110d93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
inactive.svg
bet-login-gh.com/wp-content/plugins/kk-star-ratings/public/svg/
223 B
857 B
Image
General
Full URL
https://bet-login-gh.com/wp-content/plugins/kk-star-ratings/public/svg/inactive.svg
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d06a8516d69db767242f13cc35e99194cf0d263fd5221673ac5aef02723e3c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"5e3c2784-df"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfVjjA5hM2%2F%2FhQtARN%2BlKhjDnhZ2fgyb5VuRvykuouyBFs9yR5cbbvXFof0hihrw8RkzLbKALjOV7tGEmOg2fONx9GD%2FwmuE04b2LWsZT1%2FxT501%2FaXEMyOg%2BCnsLNDcyrXJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8d5dd4c11954d9d6-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39342&sent=25&recv=11&lost=0&retrans=0&sent_bytes=16229&recv_bytes=5935&delivery_rate=14867&cwnd=12000&unsent_bytes=0&cid=2038304c242fec8f&ts=103&x=1", cfExtPri, cfHdrFlush;dur=20
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/svg+xml
last-modified
Thu, 06 Feb 2020 14:49:40 GMT
vary
Accept-Encoding
priority
u=3,i
active.svg
bet-login-gh.com/wp-content/plugins/kk-star-ratings/public/svg/
243 B
863 B
Image
General
Full URL
https://bet-login-gh.com/wp-content/plugins/kk-star-ratings/public/svg/active.svg
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c91f2e258df01f2df97b56f638878a261e4c379f44cdb5fd5e1879c8eefcfb07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"5e3c2784-f3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7q4U2UbvRLYm5GpFX22aM9%2F2LfuCAi0%2F9xr8jkdJp52MIxBrIaDw8zRNIHaXEIS6K%2FqrDjc2JshSkrK1yItwKvvpKxRRlJsFD0%2FQrbtSvSS1lVYxFAfnweAmhabfkq2aWSzL"}],"group":"cf-nel","max_age":604800}
cf-ray
8d5dd4c11956d9d6-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39342&sent=25&recv=11&lost=0&retrans=0&sent_bytes=16229&recv_bytes=5935&delivery_rate=14867&cwnd=12000&unsent_bytes=0&cid=2038304c242fec8f&ts=103&x=1", cfExtPri, cfHdrFlush;dur=20
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/svg+xml
last-modified
Thu, 06 Feb 2020 14:49:40 GMT
vary
Accept-Encoding
priority
u=3,i
fa-solid-900.woff2
bet-login-gh.com/wp-content/themes/education-soul/third-party/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://bet-login-gh.com/wp-content/themes/education-soul/third-party/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bet-login-gh.com
Referer
https://bet-login-gh.com/

Response headers

cf-cache-status
MISS
etag
"5ee89e29-126b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8tRt3EQFGGDaJLy4TRZVibK7ijEcMLQjmAfaSSi5%2FzQ2mbYKq21Wj%2F%2BNJeN8eCjbPsu9n51zWNecm4DuK5cLQLNfuMFrbOT%2FVGeiOWv9KUF32xn7TJbOc%2B4fKvMNJB0x%2F3e"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56495&sent=45&recv=19&lost=0&retrans=0&sent_bytes=37552&recv_bytes=7458&delivery_rate=306549&cwnd=21300&unsent_bytes=0&cid=2038304c242fec8f&ts=142&x=1", cfExtPri, cfHdrFlush;dur=21
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
application/octet-stream
last-modified
Tue, 16 Jun 2020 10:25:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c15995d9d6-FRA
accept-ranges
bytes
content-length
75440
server
cloudflare
285.jpg
bet-login-gh.com/wp-content/uploads/2020/06/
88 KB
89 KB
Image
General
Full URL
https://bet-login-gh.com/wp-content/uploads/2020/06/285.jpg
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418009609369ccac53d15b788d9b071b4c0ca143c6983c4d2e5afb366730a119

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cf-cache-status
MISS
etag
"60afc48e-15f85"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yttjYn0cQzhowv1Fz37I06PicBHWXRFg1ekbMkeZ0FOwIs1a2uTLWe7mKxTCh54GAECrN5MIdr3LkvlP95W4LJhBVrMkBuSq%2FWy7%2BFbCjAzagh1f6Uk66K1qMMQjb2RRfatm"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56495&sent=45&recv=19&lost=0&retrans=0&sent_bytes=37552&recv_bytes=7458&delivery_rate=306549&cwnd=21300&unsent_bytes=0&cid=2038304c242fec8f&ts=160&x=1", cfExtPri, cfHdrFlush;dur=3
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/jpeg
last-modified
Thu, 27 May 2021 16:10:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c169b7d9d6-FRA
accept-ranges
bytes
content-length
89989
server
cloudflare
gtm.js
www.googletagmanager.com/
238 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PK6ZTH7
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/wp-content/cache/autoptimize/autoptimize_44728539327fab220bcbe7f550f0db1a.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d010580b432ca23230116976968c9a3e20894aa861c9660859b42a00dcebd6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 21 Oct 2024 02:31:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85640
x-xss-protection
0
server
Google Tag Manager
282-300x182.png
bet-login-gh.com/wp-content/uploads/2020/06/
106 KB
106 KB
Image
General
Full URL
https://bet-login-gh.com/wp-content/uploads/2020/06/282-300x182.png
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dded30e3b9e35e564cf8f79d6df60ab557223643f48d1fa989c51928aca4d007

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cf-cache-status
MISS
etag
"5ed50059-1a623"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu%2BNYtSwuJKXc1nUYv7iGA6bdxmxZWMNyc4S6VNArOiRtCSNEq7ZnQFR%2B3%2FLzQcmlWb5GPybGug1bYIabcMqYswG%2FEEA%2BHTgyFjuRUClvKflUy2n8wGTgtBGeqElKFkkpd0f"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56388&sent=257&recv=76&lost=0&retrans=0&sent_bytes=277804&recv_bytes=11738&delivery_rate=1842722&cwnd=125700&unsent_bytes=0&cid=2038304c242fec8f&ts=356&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/png
last-modified
Mon, 01 Jun 2020 13:19:21 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c2abeed9d6-FRA
accept-ranges
bytes
content-length
108067
server
cloudflare
286-300x169.jpg
bet-login-gh.com/wp-content/uploads/2020/06/
15 KB
16 KB
Image
General
Full URL
https://bet-login-gh.com/wp-content/uploads/2020/06/286-300x169.jpg
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f114d65849f325a9b9b1509ad8536fa578948b333453b6af88753894d72802a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cf-cache-status
MISS
etag
"5ed501bc-3bbf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WIAnPtG6tVUalQGTrWHScJ4Mi%2BvDTWrPYpCSgApMSZJavY%2FKsFCwmM9bzhK4nnT5UdgwtXn1cbVFE01K9q2SDGhBeYoh5sL5AcWuxKrArT%2Bww6qrfGBYj7IGUZkqUay1UPC3"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56388&sent=225&recv=76&lost=0&retrans=0&sent_bytes=240488&recv_bytes=11738&delivery_rate=1842722&cwnd=125700&unsent_bytes=0&cid=2038304c242fec8f&ts=345&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/jpeg
last-modified
Mon, 01 Jun 2020 13:25:16 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c2abf1d9d6-FRA
accept-ranges
bytes
content-length
15295
server
cloudflare
284-300x225.jpg
bet-login-gh.com/wp-content/uploads/2020/06/
19 KB
20 KB
Image
General
Full URL
https://bet-login-gh.com/wp-content/uploads/2020/06/284-300x225.jpg
Requested by
Host: bet-login-gh.com
URL: https://bet-login-gh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c363bceeb2a90b8c33abd16112fc153171b563bcdd3877297693f41a6be94d47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cf-cache-status
MISS
etag
"5ed50107-4de1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwnPwylBr0mptDxdlPgMre4TxmP6k0dKx%2FVdgWxPC64g%2BhWcjt9f411i62BSU4aicLevxsyzsmREdYr4FqghL7qoa3g9kqmVCZKCj%2FVzo4zHt1AlD%2Fo669nK5%2FBpsRv8s%2B1T"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=56388&sent=239&recv=76&lost=0&retrans=0&sent_bytes=256771&recv_bytes=11738&delivery_rate=1842722&cwnd=125700&unsent_bytes=0&cid=2038304c242fec8f&ts=354&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/jpeg
last-modified
Mon, 01 Jun 2020 13:22:15 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c2abf3d9d6-FRA
accept-ranges
bytes
content-length
19937
server
cloudflare
js
www.googletagmanager.com/gtag/
268 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X9X5ZKNCFM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6ZTH7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc10f6480974a51294860640ba8183c888487b5623cc275a543f305c2479b847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 21 Oct 2024 02:31:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96234
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6ZTH7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

content-encoding
gzip
age
3674
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 03:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X9X5ZKNCFM&gtm=45je4ah0v9110471520z8831626411za200zb831626411&_p=1729477883232&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529666~101533421~101686685&cid=105997061.1729477884&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729477883&sct=1&seg=0&dl=https%3A%2F%2Fbet-login-gh.com%2F&dt=Create%20and%20open%20betting%20account%3A%20sign%20up%20and%20login%20tips%20in%20Ghana&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X9X5ZKNCFM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bet-login-gh.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/
15 B
434 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1310883924&t=pageview&_s=1&dl=https%3A%2F%2Fbet-login-gh.com%2F&ul=de-de&de=UTF-8&dt=Create%20and%20open%20betting%20account%3A%20sign%20up%20and%20login%20tips%20in%20Ghana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1428838386&gjid=1728974327&cid=105997061.1729477884&tid=UA-168204736-3&_gid=1752555369.1729477884&_r=1&_slc=1&gtm=45He4ah0n81PK6ZTH7v831626411za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101686685&npa=1&z=964669678
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
992db709b54af4bb1f6eaac75c1aadb93186c0653032e2353737b3947a372419
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bet-login-gh.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 02:31:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://bet-login-gh.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
cropped-fav-gh-32x32.png
bet-login-gh.com/wp-content/uploads/2020/06/
744 B
1 KB
Other
General
Full URL
https://bet-login-gh.com/wp-content/uploads/2020/06/cropped-fav-gh-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01fe8793a6f145ddf8fe11513b76c1270f38bab89bab6315b2aaa0edddc9479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

cf-cache-status
MISS
etag
"5ef48f08-2e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXfhG90et%2FzjH3UMGtbFX%2BRx9oAVoQeEiyaa9D5Xe8lWGBe4YtrLYRh8iE6EqupM%2BwDmB%2FnEXjChDghjI6ncKvlmsqszv%2BOn5XnUgT2opoRCHlYugFFQ8XS4Gp%2BTDGAQZePO"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44782&sent=351&recv=90&lost=0&retrans=0&sent_bytes=388961&recv_bytes=13077&delivery_rate=2823404&cwnd=137700&unsent_bytes=0&cid=2038304c242fec8f&ts=828&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
image/png
last-modified
Thu, 25 Jun 2020 11:48:24 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d5dd4c598bed9d6-FRA
accept-ranges
bytes
content-length
744
server
cloudflare
js
www.googletagmanager.com/gtag/
272 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X9X5ZKNCFM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
eef3195a4754c56f05433046883ff640ac6308d2f25fbcee7c8651b131a63d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bet-login-gh.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 21 Oct 2024 02:31:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 02:31:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97930
x-xss-protection
0
server
Google Tag Manager

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| lazySizesConfig object| kk_star_ratings object| lazySizes object| educationSoulScreenReaderText object| educationSoulCustomOptions object| a3_lazyload_params object| a3_lazyload_extend_params object| dataLayer function| jQuery object| addComment object| jQuery1124015541696065960164 object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
bet-login-gh.com/ Name: PHPSESSID
Value: 9v2nmljc9b5203h0ki630fcjm1
.bet-login-gh.com/ Name: _subid
Value: qmmpojguu34d
.bet-login-gh.com/ Name: 49324
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExNDFcIjoxNzI5NDc3ODgyfSxcImNhbXBhaWduc1wiOntcIjE1MlwiOjE3Mjk0Nzc4ODJ9LFwidGltZVwiOjE3Mjk0Nzc4ODJ9In0.5pCzxR5hj7FZAh4zvvxI7JeVPVQL1HiL-o7DXQolVKg
.bet-login-gh.com/ Name: _token
Value: uuid_qmmpojguu34d_qmmpojguu34d6715bcfa7cf379.88555144
.bet-login-gh.com/ Name: _ga_X9X5ZKNCFM
Value: GS1.1.1729477883.1.0.1729477883.0.0.0
.bet-login-gh.com/ Name: _ga
Value: GA1.2.105997061.1729477884
.bet-login-gh.com/ Name: _gid
Value: GA1.2.1752555369.1729477884
.bet-login-gh.com/ Name: _gat_UA-168204736-3
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bet-login-gh.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
142.250.186.40
172.67.178.140
2001:4860:4802:32::36
2606:4700:3033::6815:2b71
2a00:1450:4001:811::200e
2a00:1450:4001:827::2008
0d06a8516d69db767242f13cc35e99194cf0d263fd5221673ac5aef02723e3c0
3aa0f7cb3f15d92131681d7ba4eef129169f4f8f2adffdd64b7f9104df1e4af6
418009609369ccac53d15b788d9b071b4c0ca143c6983c4d2e5afb366730a119
82eb6f02705ab533b8e12ffc86f6062146a12406a408ccb4f5695bd49db465ad
992db709b54af4bb1f6eaac75c1aadb93186c0653032e2353737b3947a372419
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
bc10f6480974a51294860640ba8183c888487b5623cc275a543f305c2479b847
be20f4bb4cff6e8bc364dd59e01b637aadf79af04bca3446081b1fc502110d93
c01fe8793a6f145ddf8fe11513b76c1270f38bab89bab6315b2aaa0edddc9479
c363bceeb2a90b8c33abd16112fc153171b563bcdd3877297693f41a6be94d47
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c91f2e258df01f2df97b56f638878a261e4c379f44cdb5fd5e1879c8eefcfb07
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d010580b432ca23230116976968c9a3e20894aa861c9660859b42a00dcebd6bd
dded30e3b9e35e564cf8f79d6df60ab557223643f48d1fa989c51928aca4d007
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
eef3195a4754c56f05433046883ff640ac6308d2f25fbcee7c8651b131a63d49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f114d65849f325a9b9b1509ad8536fa578948b333453b6af88753894d72802a4