Submitted URL: https://paripesa.bet/gamer
Effective URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Submission Tags: 0xscam
Submission: On September 13 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 27 HTTP transactions. The main IP is 2606:4700:20::681a:608, located in United States and belongs to CLOUDFLARENET, US. The main domain is bonus.paripesa.com.
TLS certificate: Issued by WE1 on August 2nd 2024. Valid for: 3 months.
This is the only time bonus.paripesa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 172.67.208.212 13335 (CLOUDFLAR...)
1 1 178.253.46.215 202492 (SGHL1-AS)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
2 144.76.164.53 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 60068 (CDN77 _)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 188.42.63.49 7979 (SERVERS-COM)
1 188.42.63.48 7979 (SERVERS-COM)
1 104.18.26.170 13335 (CLOUDFLAR...)
27 12
Apex Domain
Subdomains
Transfer
15 paripesa.com
bonus.paripesa.com
523 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 44929
dsp-trk.eskimi.com — Cisco Umbrella Rank: 41681
dsp-ap.eskimi.com — Cisco Umbrella Rank: 18952
4 KB
3 paripesa.bet
paripesa.bet
2 KB
2 requestkeeper.pro
requestkeeper.pro
1 KB
1 ipregistry.co
api.ipregistry.co — Cisco Umbrella Rank: 215681
2 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
66 KB
1 combodef.com
combodef.com
223 B
27 11
Domain Requested by
15 bonus.paripesa.com bonus.paripesa.com
3 paripesa.bet 2 redirects bonus.paripesa.com
2 requestkeeper.pro bonus.paripesa.com
1 api.ipregistry.co bonus.paripesa.com
1 dsp-ap.eskimi.com dsp-media.eskimi.com
1 dsp-trk.eskimi.com dsp-media.eskimi.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com bonus.paripesa.com
1 fonts.googleapis.com bonus.paripesa.com
1 cdnjs.cloudflare.com bonus.paripesa.com
1 dsp-media.eskimi.com bonus.paripesa.com
1 www.googletagmanager.com bonus.paripesa.com
1 combodef.com 1 redirects
27 13

This site contains links to these domains. Also see Links.

Domain
paripesa.com
bonus.paripesa.ng
Subject Issuer Validity Valid
paripesa.com
WE1
2024-08-02 -
2024-10-31
3 months crt.sh
requestkeeper.pro
E6
2024-09-09 -
2024-12-08
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1
2024-04-08 -
2025-05-09
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
paripesa.bet
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
ipregistry.co
WE1
2024-09-07 -
2024-12-06
3 months crt.sh

This page contains 1 frames:

Primary Page: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Frame ID: A93F23F2F558FE35F899812CF4C7D5FD
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

PariPesa

Page URL History Show full URLs

  1. https://paripesa.bet/gamer HTTP 302
    https://combodef.com/L?tag=d_1988789m_60651c_&site=1988789&ad=60651 HTTP 303
    https://paripesa.bet/africabettingmix?tag=d_1988789m_60651c_ HTTP 302
    https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

27
Requests

100 %
HTTPS

46 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

642 kB
Transfer

1327 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paripesa.bet/gamer HTTP 302
    https://combodef.com/L?tag=d_1988789m_60651c_&site=1988789&ad=60651 HTTP 303
    https://paripesa.bet/africabettingmix?tag=d_1988789m_60651c_ HTTP 302
    https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
bonus.paripesa.com/betting-3/
Redirect Chain
  • https://paripesa.bet/gamer
  • https://combodef.com/L?tag=d_1988789m_60651c_&site=1988789&ad=60651
  • https://paripesa.bet/africabettingmix?tag=d_1988789m_60651c_
  • https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
11 KB
4 KB
Document
General
Full URL
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89baea22660375b7edd50be7a829462e469548a75c02173a25227e33c714896

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c278339ec57913a-FRA
content-encoding
br
content-type
text/html
date
Fri, 13 Sep 2024 10:39:18 GMT
last-modified
Thu, 15 Aug 2024 15:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7nz22Gy1qmINfmcgBs88MG6nTmFvroyNeSGza5FEvYouP0Hf%2FfmCvj7BquqpH4ML8V9CEVzqd3J%2FNIHuTKyHkQ8Yy7GUQ9BeKNQJrl0PkObxbtCMt3eO8m2L7B5VJIpCrTvT8OunX3%2Ba3aJzVghWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-cf-id
5s0CgG00oSf9ZfmzsV3HWAynzxAD7sT14-xc8mE7HZS6FK17p-WQTw==
x-amz-cf-pop
FRA60-P5
x-amz-id-2
oaXNUdOQwlf0pKU9pNOntU/vBVDr5RUfLhVp772afCpKne/N/NaKCtuuS+qpwQMQA6EGQvf2fv0=
x-amz-request-id
V60FRHKS4JT5WMZB
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8c2783388b6cd29c-FRA
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 10:39:17 GMT
location
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EauON9GMaHMoBr1mQiKMEQYnKxeMox9aajONTRIiM9oyWNxwZOZlf3DRJrMiYXZj2Han1XXbJb%2Fjm%2FBz63sqzPkzv%2BSK54xryWb92xWkALnbt1DTQE7qlho0tDLbtrY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
4d2e3906-b8e5-48d5-bd78-f916b8011cf7
x-runtime
0.069193
x-xss-protection
1; mode=block
style3.css
bonus.paripesa.com/betting-3/css/
36 KB
8 KB
Stylesheet
General
Full URL
https://bonus.paripesa.com/betting-3/css/style3.css
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d833aa540574ccc00da07d9ef2feb22167e0dee38107568c711d3b59b15922aa

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QFW134F9JJVJ837H
x-amz-cf-pop
FRA60-P5
age
1715
x-cache
Miss from cloudfront
x-amz-id-2
LNMus85Y7a7pXyybo9k1OcXV6DDVLNZQqjaAhVxn7ucaThqfYkrJRtvCyD4eE5giWtVb+gAK0Mg=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"37693e41b61af7cfc5539c84eca22b6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2ByITVBb%2BVFIpdZs4iXpS7cca3Eiez00W4C7G52Cl5lMjrOP6CmJpwTCdJULqKeRYNFpTG7a3aQGn2OZEbkUwRjeI5OsF9nYtSC6XaQNgYhGFW25MdZ5ePe5RUNANU3V422sNWCIgkbVqxHIfOqufA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8c27833c0f06913a-FRA
x-amz-cf-id
kUPUN1wg-3eMccT34dZHYVb-kAEyO9LHu_nLfqkgVXil8UVGMeB3dA==
track
requestkeeper.pro/
35 B
643 B
Image
General
Full URL
https://requestkeeper.pro/track?t=page_load&ref=https://bonus.paripesa.com/betting-3/
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.76.164.53 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.164.76.144.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 13 Sep 2024 10:39:18 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
64030ac8-7c30-4c7d-b7d7-2cd9015064ef
X-Runtime
0.009368
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6adc3d4c1056996e4e8b765a62604c78"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
vary
Origin
Content-Type
image/gif
Cache-Control
private
error-icon.png
bonus.paripesa.com/betting-3/dist/images/
366 B
1010 B
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/error-icon.png
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c347e99e864c3448eaa1f7e4755d212153bc637d75491b6daf87bec54019de

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P5
x-amz-request-id
45K3JNXDVDBYT66J
cf-polished
origFmt=png, origSize=816
age
3825
x-cache
Miss from cloudfront
content-disposition
inline; filename="error-icon.webp"
content-length
366
x-amz-id-2
W7DHsbfL/1lNLmp9W5BtCwL4H9cA7FQBDsxe/m5tqVrHR6hPl/s7UsntGtCQTdm9DFKuN7+3kFU=
cf-bgj
imgq:85,h2pri
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
"a8919c7feea842e1e1eae68fd9c88105"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU05E8RD9eP0f%2For5kJ0yBJjhd6q1Gi6nSNkPAPY3S1fXoY1%2Fyhqw5%2FugWTXx4H2LbQiPc%2B5LLM%2Fq38EvticWfJxMemY5WBLbnkut%2BV9GJS%2B27HsjkSxEUDuduj6CaDcoCJTIQjURhGJqcJKXbqFpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c27833c0f09913a-FRA
x-amz-cf-id
vt0K3VGSOr5WlyPDlgU40Ge8uo_coq9BYyaCeImPgbY01FcWCPoMUA==
bonus.webp
bonus.paripesa.com/betting-3/dist/images/
47 KB
48 KB
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/bonus.webp
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e7439571ea90d0b69081a86d89ea87f497e60fd3e25f819cdb978e9c8e995d

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJPGSP740NMWQ8DW
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
content-length
48532
x-amz-id-2
S9p4BmFhDCkm1YKjG4v6EUJyc6R5KWHNFGUL6ejGXcmvjBWCfRQhC8bL5qqrQ4C47aK/61/H8DE=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
"39c315493075be32a716de8028721e1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reiK1wk4CluewiUFW7S6eHER3u%2BKZ1S9NWm3UUFefIU9%2Bxk0VIguB3XKSXTf%2Bia9Aq9PK7M%2F%2BFF2KLBiz5tTdd%2BF6Ofcz5yoc%2Fix9Q%2BViQGaJDuXoe2pi9AF0ir4QHbgbkfhFp4%2B8DGBy7AD24KmWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c27833c6f59913a-FRA
x-amz-cf-id
USpUgdKjxyjkY8n3io7Onb1W_TDgf5woIjuFR0cyRCSxREiPMTg8tQ==
woman.webp
bonus.paripesa.com/betting-3/dist/images/
60 KB
61 KB
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/woman.webp
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e1b326800fd0d6bef02c000ad5d81d21902e6d0555bad95aa10add10b9e90d8

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJPMN5NGRQZE52VC
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
content-length
61686
x-amz-id-2
DSYy1CkJlouVKiTmScIisxbLhOp/KpTurWtyGBYEXVT+dzJ5iP0AsCpc/uDuRHggwBMFRryowZo=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
"6f0a1a3af64198c7da66be6db2896dc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D02ukjzaNW47mOtyyYWkeE409qB%2BBOABuiGebd9%2FvbWCi431mU105ipq7LUgpx8yu18jyYyP3%2FIiM17%2FuorbhuHO4GtrAafu02yQFCQDpt2d7IMknnUlN5BDMK23OA4gJecRxoc4bihDewpB0UwFcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c27833c6f61913a-FRA
x-amz-cf-id
6CcseJ22rFojyARbvkBtGmzGrYBFTEc59zZITG0ME-uxgk0HwdOowA==
18+.png
bonus.paripesa.com/betting-3/dist/images/
250 B
872 B
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/18+.png
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d16d23c71138b972876eded39ae6a1df0c39537797e8c7fac131ac01dc8c4a

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P5
x-amz-request-id
45K6H5SAP88X3Z53
cf-polished
origFmt=png, origSize=520
age
1714
x-cache
Miss from cloudfront
content-disposition
inline; filename="18+.webp"
content-length
250
x-amz-id-2
ZDeLGK58oovlHSdqsNXs1autxar6NVfZ/slV1DD1nldGdZMTlOGZgcCBF1KnnwXgrwyX5nAQvH0=
cf-bgj
imgq:85,h2pri
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
"f6095522384cfcf1186fbe2a045d01c3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmERHAhVUVKnqRQAb97O6GsYJnAozGq%2BxfzEmFGuO2mkgl1AUXATnc8WA1Wy%2F3luLyg04E%2BFVDRzu2qVHM6iqTZJhJ1Hhqh3rU53n1TtsoMSmwxjw%2Buj%2Fj1GRPV5Hm77VQplscG1HWPDf7TYsDAQXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c27833c6f63913a-FRA
x-amz-cf-id
QuWwQazHynhQMjuRTSlP5dTSteGeaOwpLYVRcfRV97dKxr2xE1u-ZQ==
Logo.svg
bonus.paripesa.com/betting-3/dist/images/
4 KB
2 KB
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/Logo.svg
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87e9c3238c99cab3b752dc17be06ad2542748d311a242f4d24d50570af9d8fe0

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 69a82a9746d3a7343dca651e0829f000.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJPJ70A4TG8PZ282
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
x-amz-id-2
Nb7gNhyZhcNwsKeCkXETya8z9YWwTuMfcjI0s3yIvli6qBDl2TkkvpK6eZGFBNIv4TG+B15qaaE=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"03fb343f7eaa51179c05eedf99374891"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v16q4%2BJ%2BXLUtOtcROv6%2FfFXiObOjXNYTC93xqLesOAMVRa6YafK%2FhFFClZ9ZR9y%2FX3%2BO7VVyI%2BfwSA9btQteEm6F2agdeY6HzcABwtLBmX9yevOPu%2F7Zx%2BLYynQ7qDodLJHCWphlBhoOWXqZs%2BFbww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8c27833c7f65913a-FRA
x-amz-cf-id
lFofPuy52FFixtY6u91Q3uZy7EBuWEW1_0PclEcgFo1gm1Viy-3fig==
hide.svg
bonus.paripesa.com/betting-3/dist/images/
2 KB
2 KB
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/hide.svg
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f060f40dd458d6a68d3c46d2562aa378db2f9d979cd1773b6eb06bbc43fc0871

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 0254a3d4b384cab4933ea28efe6685c2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJPH2NNKKWCJ8Y65
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
x-amz-id-2
NgIe7zZsMu0iaoXnPxVjqFhC+nED7t5h//exgOY59wXUuvu21Ibkidbdw/sWnwfHiC1vfUMfFLI=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"c63642841f56336d3fdb8400d072383f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOuYYfit9CrsTXySoeFaIG63SIzNdq9JVRVzZDJpbNp1hsPJa7gNJ4UYv5hxe2Ly5yKtExpPnBElzlG0%2Fvu8Kh%2FhiYnIsK35cioP9LiaxIRZzgU1INgcINYNEVysTUczAMqFvxbDVfPBhquup%2BhEJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8c27833c7f67913a-FRA
x-amz-cf-id
5aUJ1oxrJorTmXSD5Uu63PqImaV0y-Mjg8qgrUig8uEFYR2HI4KWCw==
show.svg
bonus.paripesa.com/betting-3/dist/images/
1 KB
972 B
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/show.svg
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7144df64865f2ddb1cf33fa319b083c37050718e30a97d53db536b51525c182f

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJPKH57D20AQK2KQ
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
x-amz-id-2
/6OqKv5/dfgdUYkoNT9XxQh984dtz0O1F3XzNNo8DjsfR239d1ug16Nlwz+WbJstUVRqQmk6xTE=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"58d4255b927cae5f63691db4c137e187"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z27pEqiOLRiuiV7rHdN33bLBDttYMaU0BySf6NUTpmvr86x4UJaa7bo4NQBWEGZC27hl109CFjNhJfwvSpwZbQT9DSZuw2hHZQSpfBkSozCS5FoACFTkKu8qTZ4m46CciiNEIfR67wgYQHN%2FwhCV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8c27833c7f6b913a-FRA
x-amz-cf-id
gX48dvXKqpFbKiKNCJsc4-Hik4jfQF2v3yhHKcPbLQwmMbvM6Di0WA==
gtm.js
www.googletagmanager.com/
182 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KH4PG3C
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8842ea4bd0f1cb46ab2372af04cf22ee7c2069cb00d51f5e27272cdd124da9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67186
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Sep 2024 10:39:18 GMT
gtr.min.js
dsp-media.eskimi.com/assets/js/e/
5 KB
3 KB
Script
General
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1082
cdn-cachedat
08/29/2024 14:26:24
cdn-pullzone
692289
last-modified
Thu, 29 Aug 2024 14:04:29 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"66d07fed-1353"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
d232aaac80ffd01bb7d180af2b1ac381
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
expires
Fri, 29 Aug 2025 14:26:24 GMT
bg-img.png
bonus.paripesa.com/betting-3/dist/images/
179 KB
180 KB
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/bg-img.png
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/css/style3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9f6d37a329465a86d3006331684452a9c14dc86f083e1b65a9787e33e7910f

Request headers

Referer
https://bonus.paripesa.com/betting-3/css/style3.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:19 GMT
via
1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
V607VZ025143CTTP
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-length
183580
x-amz-id-2
Rg5R7sfTUJkklP08asJge4fqIJeasLSWgpXsfzei5fvmr6pM4JhllfuCCFGYZ050FE9MJuBMELY=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
"26cd70b2260ca5f9db31113d7bf8aa9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Tg%2B4vD2DVE%2FwwjNmaRgyjQNI1Qm%2BQdzI8N9%2BTpyZ4ZjFFygIFUu9CT7korJxitMF9H%2FuY0qKNGQMTT4B84Wv6zSdRAfVufj2kHk9XV6tokpXDWCEibm0m8NcZ%2BX8gTUYxZz%2FsMPpZE06kiK1K7ALg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c27833c7f6c913a-FRA
x-amz-cf-id
W27eaIds3b-C_qNpWOk55c6byzY7VMRQwEXlMnXPuyCPqf1y7-z0lQ==
Vector.svg
bonus.paripesa.com/betting-3/dist/images/
522 B
865 B
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/Vector.svg
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/css/style3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6b7c1fb3e76b13c3f619499bc1c16989339883665d12c7ae6b751261fd6461

Request headers

Referer
https://bonus.paripesa.com/betting-3/css/style3.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
R61H7YZ1PGJV3ZA8
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
x-amz-id-2
yv/AT2ye6kyiOwOb/qn8X6dMOuabsHgSqqPaIPK+ad1tyVJa6ogDfazw/F4udm0EBnE1F3KGGgw=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"b84c18173d343d3f80c93710f4ffb690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2Bwjt1jWwk2Wz%2BLrUWm7RQMVPpn8EYS4GZAKHt%2FX0GE%2FedtFajl6d7kHPMkS%2F99d7yihnSmCJwvP6icqgyfWjOFhjipkt8pzDECxo3m%2BXWe0UXTb5EjvZ9ygiCQuGEE1n%2FxUzFPF30Udytlj5nVD0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8c27833c7f6d913a-FRA
x-amz-cf-id
RW6wtLP7RubzgWQpq89HYYNxq-cTFr9F5v4qF5X8dQDKoghsv9Qb9w==
18+.svg
bonus.paripesa.com/betting-3/dist/images/
2 KB
1 KB
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/18+.svg
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a510ee160f786f8c695ab27686d934584a556d87b839cfa647e8aa9d4462dd3f

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JJPWDWZFQ7BGNF0C
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
x-amz-id-2
cvPCWORJ/mtwcEevS7CjNxfs8XBLVeZF3m2G2qT/YET2S0e3J4HIaRK3HvQLhaVT8aS3m6Ggd+8=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"fad221c69615910d9d26417094081027"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJzrFMhoL8bGLXqoGG7DLbQOfcNqLOxDNcZ2fNAqcr5QFG2vAbgIdOqs0QK5Lt7Y8eNXAKwI6Gsz6pOGfo8Y64Xr9fRNwua22jMfbMIoY6lGw03mf4qFbDeuZ504HNDkt1XHewAIXCyhNZnIkp4ewA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
8c27833cafa7913a-FRA
x-amz-cf-id
138Of9xjjhILoY0TT1KMFZs8B8Ssu1PAFFRjRGKayE6qd7khweLnCw==
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
223439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2695
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqV8gucmDgv6nkQVSuYKE%2Bh1Y46DIlTzH1j%2BtB31W2WyiiH5rXoYVuXgVksh6HvTx2HpkITiTPuQ56bUBOGKhN%2Bwsm19EU%2BcXTtNVdOYH8cELsCoMrh%2BJiQRMkbZWxNdpnaTV9qb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c27833ce978d2a5-FRA
expires
Wed, 03 Sep 2025 10:39:18 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
156d6126d329168667f3fc9fd67a12202eae1ac3619318e0fff058fb74944c1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 09:29:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 10:39:18 GMT
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/
35 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2655451
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
8323
x-served-by
cache-lga21981-LGA, cache-fra-etou8220101-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1726223959.590790,VS0,VE0
etag
W/"28feccc0-8c85"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
0, 52727
bundle.js
bonus.paripesa.com/dist/
688 KB
206 KB
Script
General
Full URL
https://bonus.paripesa.com/dist/bundle.js
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6369efad171e9252461b369ea188888e0433e7ac83c24960ea777076850dd03b

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
R61YYR0P61DMSP7C
x-amz-cf-pop
FRA60-P5
age
1714
x-cache
Miss from cloudfront
x-amz-id-2
ZXBNHtGD3bV4BlhikjWdBI0aiTuH9Vv52SNDtmy1f4nnUv8B8pAtLtSE0PsundFDo/4vQ5Qq8MI=
last-modified
Mon, 10 Jun 2024 13:15:08 GMT
server
cloudflare
etag
W/"5751eccdebb4d0a85910322f8b659c46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13kbFdW%2BUsuSoL%2FCIhrwvzDtKX%2BD2bC%2BBnh%2Fgppz4%2F2A2ODSaubfktGVgLfZnC7TuGDsQqATklAgX61LSQMipLWSBYXjSveMCMY7LlA3V0Esiz1%2BRBA1R8gyKKhMiiJl0CWAw9XYrO4G7zJImng4wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8c27833cafac913a-FRA
x-amz-cf-id
v8wi7KAjsRvNZVRxWKZQ57SHirjiAINPu-PKvrjzhb4DyS7KiK6MMw==
ipdata
paripesa.bet/
21 B
727 B
XHR
General
Full URL
https://paripesa.bet/ipdata
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8569d70e399e53a5390312dc85f31c52866df7209e3bc1415b3166395358b6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c280c809-6f55-4d56-96f7-dbbc0b75f973
x-runtime
0.003117
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c8569d70e399e53a5390312dc85f31c5"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l379Rf1PHlX%2BVvPi8nV12ff%2FeMU7cNacvyS2ew7PTevTOtKZ7ooeoIG9nncjvfWKEaH4FM4AuBc3uDC4Nf7O4a1W9%2FWTQBzUemCvGVB3CZaxURPE672u2q%2BpVl9ng7A%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
cf-ray
8c27833e0c94d289-FRA
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.paripesa.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 01:38:07 GMT
x-content-type-options
nosniff
age
550871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Sep 2025 01:38:07 GMT
cssession
dsp-trk.eskimi.com/tracking/
2 B
457 B
XHR
General
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=32163&url=https%3A%2F%2Fbonus.paripesa.com%2Fbetting-3%2Findex.html%3Ftag%3Dd_1988789m_60651c_&t=1726223958711
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bonus.paripesa.com
Date
Fri, 13 Sep 2024 10:39:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
gtr
dsp-ap.eskimi.com/v2/
116 B
1011 B
XHR
General
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=32163&url=https%3A%2F%2Fbonus.paripesa.com%2Fbetting-3%2Findex.html%3Ftag%3Dd_1988789m_60651c_&t=1726223958711
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.48 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
da2288ed2916e28a02968d84d6dd336734d93f02ffeffdd1ee101d18672350a7

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 13 Sep 2024 10:39:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://bonus.paripesa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
api.ipregistry.co/
2 KB
2 KB
XHR
General
Full URL
https://api.ipregistry.co/?key=40g632i3k97gogqy
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2dbaf73b941aa099c62f5dff7b19a972295dff15117af7e15ac7e7b720bba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
content-encoding
gzip
ipregistry-credits-consumed
1
strict-transport-security
max-age=31536000 ; includeSubDomains
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
ipregistry-region
de-nbg1
alt-svc
h3=":443"; ma=86400
content-length
1058
x-xss-protection
0
ipregistry-pod
ipregistry-api-776f684fb8-h55jz
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
ipregistry-credits-remaining
1940109
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Ipregistry-Credits-Remaining, Ipregistry-Credits-Consumed, Ipregistry-Version, Ipregistry-Pod, Ipregistry-Region
cache-control
no-cache, no-store, max-age=0, must-revalidate
ipregistry-version
1
cf-ray
8c27833eda2cca58-HAM
expires
0
Down.png
bonus.paripesa.com/betting-3/dist/images/
96 B
704 B
Image
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/Down.png
Requested by
Host: bonus.paripesa.com
URL: https://bonus.paripesa.com/betting-3/css/style3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6602f99f6a4c2bb988263c20723fcbf7bc5331fcf15818bda3169f400ca10367

Request headers

Referer
https://bonus.paripesa.com/betting-3/css/style3.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:18 GMT
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P5
x-amz-request-id
XGG2SQY49G6TY25F
cf-polished
origFmt=png, origSize=193
age
1713
x-cache
Miss from cloudfront
content-disposition
inline; filename="Down.webp"
content-length
96
x-amz-id-2
gcmPhu1O3Q53XaxpazexJ2/lYPFntNnTHu+/SV6I2jIsNsPrRUbiATfZ2WSs/ZbG83i5hHxGzFw=
cf-bgj
imgq:85,h2pri
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
"b83c0d09e029e5ab4e82919b8dc00b81"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CF7Y0XA4tZgWFHpJVjvu3aLLKFuXMJvrdSKSKTAHR4I6k7GA7T1CvbNBo7WgLDuKXwTjWdcicyOG2xBa3Ddpnzj7eFXJ9r%2F7OPjAk9yLlmK9CMVGlunvWDbeLaKDJ9XsMhCw7vl5WKJBiofdAe6KZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8c27833f9b1e913a-FRA
x-amz-cf-id
pEH6BunRoDbnaLgu4A5Qz-ATRx075BtKVcf3W6MME1ruL3OGsRZbCQ==
favicon.ico
bonus.paripesa.com/betting-3/dist/images/
19 KB
7 KB
Other
General
Full URL
https://bonus.paripesa.com/betting-3/dist/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0531bdd7a6b527affc093223fddaac5d5ca6f785c9d351a0f57d5c2c3a1b7fc1

Request headers

Referer
https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 10:39:19 GMT
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S49FJDVH8FB33PCE
x-amz-cf-pop
FRA60-P5
age
1715
x-cache
Miss from cloudfront
x-amz-id-2
lnEnMIebvGPj/o1euZLka9yhDkRF5QER1B4c1LZ7MD+LtVr27n4BCaPsAD7be8kS3MGODtAtC6w=
last-modified
Sat, 18 May 2024 11:13:34 GMT
server
cloudflare
etag
W/"173f0f16fcd1b1a43caeff5422bafef0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BAh1qwIAhi%2BBzDh0DlWZtZKIs9zq8pPtrHH3wdl1O6L1x60sYzZw52zb1SRUYingMW%2Fe%2FT5DT68Ta4GE%2BMsytSImigQdgbG%2FlBvuZ5tkAZkHLJi627%2BLLfzH2kbVW34QGK2yynWnIPL%2BJ9Y8gKwyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=31536000
cf-ray
8c278340cc53913a-FRA
x-amz-cf-id
7o8pQ2JmsQ7IPcsxlX0YFLlIDBi_wuxw8BOseGY3zbaiu4xPDG04eQ==
track
requestkeeper.pro/
35 B
643 B
Image
General
Full URL
https://requestkeeper.pro/track?t=user_visit&s=%7B%22ip%22%3A%2280.255.7.106%22%2C%22url%22%3A%22https%3A%2F%2Fbonus.paripesa.com%2Fbetting-3%2Findex.html%3Ftag%3Dd_1988789m_60651c_%22%2C%22fingerprint%22%3A%2218a20acc3efb1bf93c3e4bb9fe79a4af%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36%22%2C%22rf%22%3A%22%22%2C%22lg%22%3A%22de-DE%22%2C%22b_r%22%3A%221600x1200%22%2C%22b_d%22%3A%221600x1200%22%7D&d=%7B%7D&r=%7B%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.76.164.53 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.164.76.144.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bonus.paripesa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 13 Sep 2024 10:39:19 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Transfer-Encoding
binary
Content-Disposition
inline
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
60b55ef8-52ca-446b-9075-db6bdabd948e
X-Runtime
0.009619
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6adc3d4c1056996e4e8b765a62604c78"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
vary
Origin
Content-Type
image/gif
Cache-Control
private

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| esk function| ___esk function| asyncCSS object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| jQuery function| $ object| google_tag_manager object| google_tag_data function| _b64dec

6 Cookies

Domain/Path Name / Value
bonus.paripesa.com/ Name: visit_time
Value: 1726223958763
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 6d8a1c6e-df24-4ea7-a2d9-fc061eb3e56f
.eskimi.com/ Name: __eP
Value: 1
.paripesa.com/ Name: reflinkid
Value: d_1988789m_60651c_
.paripesa.com/ Name: referral_values
Value: {%22type%22:%22reflinkid%22%2C%22val%22:%22d_1988789m_60651c_%22%2C%22additional%22:{%22name_tag%22:%22tag%22%2C%22ref_partner_id%22:null%2C%22bw_%22:null}}

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://bonus.paripesa.com/betting-3/index.html?tag=d_1988789m_60651c_
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipregistry.co
bonus.paripesa.com
cdnjs.cloudflare.com
code.jquery.com
combodef.com
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
fonts.googleapis.com
fonts.gstatic.com
paripesa.bet
requestkeeper.pro
www.googletagmanager.com
104.17.25.14
104.18.26.170
144.76.164.53
172.67.208.212
178.253.46.215
188.42.63.48
188.42.63.49
2400:52e0:1e00::1080:1
2606:4700:20::681a:608
2a00:1450:4001:81c::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a04:4e42:400::649
0531bdd7a6b527affc093223fddaac5d5ca6f785c9d351a0f57d5c2c3a1b7fc1
0f6b7c1fb3e76b13c3f619499bc1c16989339883665d12c7ae6b751261fd6461
10d16d23c71138b972876eded39ae6a1df0c39537797e8c7fac131ac01dc8c4a
156d6126d329168667f3fc9fd67a12202eae1ac3619318e0fff058fb74944c1d
24c347e99e864c3448eaa1f7e4755d212153bc637d75491b6daf87bec54019de
26e7439571ea90d0b69081a86d89ea87f497e60fd3e25f819cdb978e9c8e995d
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
3e1b326800fd0d6bef02c000ad5d81d21902e6d0555bad95aa10add10b9e90d8
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4f9f6d37a329465a86d3006331684452a9c14dc86f083e1b65a9787e33e7910f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
6369efad171e9252461b369ea188888e0433e7ac83c24960ea777076850dd03b
6602f99f6a4c2bb988263c20723fcbf7bc5331fcf15818bda3169f400ca10367
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7144df64865f2ddb1cf33fa319b083c37050718e30a97d53db536b51525c182f
87e9c3238c99cab3b752dc17be06ad2542748d311a242f4d24d50570af9d8fe0
8842ea4bd0f1cb46ab2372af04cf22ee7c2069cb00d51f5e27272cdd124da9e5
8e2dbaf73b941aa099c62f5dff7b19a972295dff15117af7e15ac7e7b720bba2
a510ee160f786f8c695ab27686d934584a556d87b839cfa647e8aa9d4462dd3f
b89baea22660375b7edd50be7a829462e469548a75c02173a25227e33c714896
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c8569d70e399e53a5390312dc85f31c52866df7209e3bc1415b3166395358b6f
d833aa540574ccc00da07d9ef2feb22167e0dee38107568c711d3b59b15922aa
da2288ed2916e28a02968d84d6dd336734d93f02ffeffdd1ee101d18672350a7
f060f40dd458d6a68d3c46d2562aa378db2f9d979cd1773b6eb06bbc43fc0871