urlscan.io logo urlscan.io
SecurityTrails logo

casinoconcept.my-free.website Open in urlscan Pro
2606:4700::6811:e5a8  Public Scan

Go To Rescan Add Verdict Report
URL: https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Submission: On May 07 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6811:e5a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is casinoconcept.my-free.website.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2023. Valid for: a year.
This is the only time casinoconcept.my-free.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.190.14.35 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.92.180.208 8075 (MICROSOFT...)
1 91.210.164.97 204957 (GREENFLOI...)
1 2a04:4e42:8e::84 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:220... 15133 (EDGECAST)
1 23.50.131.90 20940 (AKAMAI-ASN1)
1 199.34.228.54 27647 (WEEBLY)
19 15
3    2606:4700::6811:e5a8 (United States)

ASN13335 (CLOUDFLARENET, US)
casinoconcept.my-free.website
2    35.190.14.35 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 35.14.190.35.bc.googleusercontent.com
components.mywebsitebuilder.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:f258 (United States)

ASN13335 (CLOUDFLARENET, US)
runtime.builderservices.io
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:6010 (United States)

ASN13335 (CLOUDFLARENET, US)
in-app.mywebsitebuilder.com
1    2606:4700::6812:6110 (United States)

ASN13335 (CLOUDFLARENET, US)
blog-viewer-api.mywebsitebuilder.com
2    13.92.180.208 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
in-us-east-event-hubs.servicebus.windows.net
1    91.210.164.97 (Los Angeles, United States)

ASN204957 (GREENFLOID-AS, US)
PTR: ibmwa11182.vds
mix-goapp.com
1    2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)
i.pinimg.com
1    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2606:2800:220:13d:2176:94a:948:148e (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
1    23.50.131.90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-90.deploy.static.akamaitechnologies.com
netstorage-tuko.akamaized.net
1    199.34.228.54 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-2.weebly.com
compufree966.weebly.com
Apex Domain
Subdomains		 Transfer
4 mywebsitebuilder.com
components.mywebsitebuilder.com — Cisco Umbrella Rank: 71843
in-app.mywebsitebuilder.com — Cisco Umbrella Rank: 168638
blog-viewer-api.mywebsitebuilder.com
127 KB
3 my-free.website
casinoconcept.my-free.website
41 KB
2 windows.net
in-us-east-event-hubs.servicebus.windows.net — Cisco Umbrella Rank: 79066
324 B
2 gstatic.com
fonts.gstatic.com
51 KB
1 weebly.com
compufree966.weebly.com
109 KB
1 akamaized.net
netstorage-tuko.akamaized.net — Cisco Umbrella Rank: 213264
6 KB
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 836
111 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 95
79 KB
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1976
1 MB
1 mix-goapp.com
mix-goapp.com
10 KB
1 builderservices.io
runtime.builderservices.io — Cisco Umbrella Rank: 151559
454 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
19 12
Domain Requested by
3 casinoconcept.my-free.website casinoconcept.my-free.website
runtime.builderservices.io
2 in-us-east-event-hubs.servicebus.windows.net in-app.mywebsitebuilder.com
2 fonts.gstatic.com fonts.googleapis.com
2 components.mywebsitebuilder.com casinoconcept.my-free.website
components.mywebsitebuilder.com
1 compufree966.weebly.com
1 netstorage-tuko.akamaized.net
1 pbs.twimg.com
1 i.ytimg.com
1 i.pinimg.com
1 mix-goapp.com
1 blog-viewer-api.mywebsitebuilder.com runtime.builderservices.io
1 in-app.mywebsitebuilder.com runtime.builderservices.io
1 runtime.builderservices.io casinoconcept.my-free.website
1 fonts.googleapis.com casinoconcept.my-free.website
19 14

This site contains links to these domains. Also see Links.

Domain
websitebuilder.mix-goapp.com
www.websitebuilder.com
Subject Issuer Validity Valid
my-free.website
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-02		 a year crt.sh
*.mywebsitebuilder.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-23 -
2023-11-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
builderservices.io
Cloudflare Inc ECC CA-3		 2023-03-07 -
2024-03-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
mywebsitebuilder.com
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
servicebus.windows.net
Microsoft Azure TLS Issuing CA 01		 2023-04-16 -
2024-04-10		 a year crt.sh
mix-goapp.com
R3		 2023-03-31 -
2023-06-29		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-08		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.weebly.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-11-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Frame ID: 2D1844A5805EFC765425AE01F1815D2B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gamemania Cash Gift - Blog Post - casinoconcept

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

15
IPs

2
Countries

2471 kB
Transfer

3903 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Gamemania-Cash-Gift
casinoconcept.my-free.website/blog/post/1050051/ 		205 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9df3c9741e96b2e8684ddb90d2f6ed0fb279c550a94fd0a7b13a1c09b3ef4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
MISS
cf-ray
7c3bffff8a054179-LHR
content-encoding
br
content-type
text/html
date
Sun, 07 May 2023 19:51:51 GMT
last-modified
Sat, 12 Jun 2021 23:42:28 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1623541348597916
x-goog-hash
crc32c=7m8jPg== md5=LnepAZ0mwuVV0KJi4i4FlQ==
x-goog-meta-dynamic
true
x-goog-meta-type
blogpost
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
210800
x-guploader-uploadid
ADPycdsSyMkggnMeH1gopxfB4mdZjkWHaDKshZLE0xF3WVLngD_33HUxQ8BP0VvWdy-DGTCSnivsYVX830ErKqH_4w0BeA
x-worker-version
1.0.0
font-awesome.css
components.mywebsitebuilder.com/fonts/ 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/fonts/font-awesome.css
Requested by
Host: casinoconcept.my-free.website
URL: https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:11:09 GMT
age
1478443
x-guploader-uploadid
ADPycdsbI54CWIjDaTCLCrwcG5EC1cjXjg-LUHHg8wud0jBRJa_vxwIYOAhETqsw7s2pbQi_vEUMFFeILPHLnBZ-HQ9Gqw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30748
x-goog-meta-
last-modified
Fri, 18 Dec 2020 10:13:33 GMT
server
UploadServer
etag
"9f3af79fa00509146c92bd91454d4eaf"
x-goog-generation
1608286413516447
x-goog-hash
crc32c=ghVUSQ==, md5=nzr3n6AFCRRskr2RRU1Orw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
Cache-Control:public,max-age=315360001
x-goog-stored-content-length
30748
accept-ranges
bytes
content-type
text/css
expires
Fri, 19 Apr 2024 17:11:09 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Calistoga:400|Arimo:400
Requested by
Host: casinoconcept.my-free.website
URL: https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79e2b5802a295b2d2154bed810196a8dbc3d1b1e1bf9c0dac8ed41d4f7aee85e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 19:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 19:51:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 19:51:51 GMT
blog_post.e4bdd66c.js
casinoconcept.my-free.website/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casinoconcept.my-free.website/blog_post.e4bdd66c.js
Requested by
Host: casinoconcept.my-free.website
URL: https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373daf550a047ef6fd0b357f20b1687703674427a87053d4801b1b6ca27e90ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:52 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsFFY-OQ-DC9p1QQNO4m8VIWo4668iTOdbKgQWkplDb39zWGhZXS3stf25780ncF32aI9MDEWwR5WUuCV9b6b5J1G0s_UPa
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Sat, 12 Jun 2021 23:42:28 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-hash
crc32c=mdMmbQ==, md5=yDx2z7MshDO36edJ+8W+fA==
x-goog-generation
1623541348470871
content-type
application/javascript
x-goog-stored-content-length
37224
cf-ray
7c3c00054d1e4179-LHR
x-worker-version
1.0.0
bundle.js
runtime.builderservices.io/runtime-websitebuilder-20444/ 		2 MB
454 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://runtime.builderservices.io/runtime-websitebuilder-20444/bundle.js
Requested by
Host: casinoconcept.my-free.website
URL: https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac8cdfd666fa149dc9c07000c4f0fc146ebf0e7e97acc1a1a2b0682d5f55145

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 07 May 2023 19:51:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Jun 2021 08:10:08 GMT
server
cloudflare
content-md5
P283bEcteUYnfWq55x+qHQ==
age
335
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
e5c9300f-d01e-005a-571c-8187ab000000
cache-control
"max-age=31536000"
x-ms-version
2009-09-19
cf-ray
7c3c0005adc13864-LHR
P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
fonts.gstatic.com/s/arimo/v28/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v28/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Calistoga:400|Arimo:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee722fbe14fb1d4f9be819f751060dac917300406c95b2aa67289ba7f493b7ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://casinoconcept.my-free.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 16:42:24 GMT
x-content-type-options
nosniff
age
97768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11476
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:54:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 16:42:24 GMT
fontawesome-webfont.woff2
components.mywebsitebuilder.com/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://components.mywebsitebuilder.com/fonts/fontawesome-webfont.woff2
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/fonts/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://components.mywebsitebuilder.com/fonts/font-awesome.css
Origin
https://casinoconcept.my-free.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 14:49:22 GMT
age
1486950
x-guploader-uploadid
ADPycdukPCOKOHxRW3jGHL6ufsep0DYixt19z0V1QsSM1qp0ILLBy3tq9pwGXJlZzEPqzk-4vKip8dlcTQICXfcO8AjTSg
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77160
last-modified
Tue, 16 Jul 2019 09:58:09 GMT
server
UploadServer
etag
"af7ae505a9eed503f8b8e6982036873e"
x-goog-generation
1563271089052469
x-goog-hash
crc32c=hGsrhw==, md5=r3rlBanu1QP4uOaYIDaHPg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31557600
x-goog-stored-content-length
77160
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 19 Apr 2024 14:49:22 GMT
6NUU8F2OJg6MeR7l4e0fs8wB.woff2
fonts.gstatic.com/s/calistoga/v13/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/calistoga/v13/6NUU8F2OJg6MeR7l4e0fs8wB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Calistoga:400|Arimo:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9c6a391defb9a18895b9367eb074b3d05f77fb079efa80ff1b300850643f1c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://casinoconcept.my-free.website
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 16:26:05 GMT
x-content-type-options
nosniff
age
98747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40112
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:23:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 16:26:05 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7ee85d5b7f72deba9cbf17e9e07ae06b0b866d6cad9048388c9d4a886f32243

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
50739575
casinoconcept.my-free.website/v1.0/runtime/appmarket/render/3/ 		1 KB
751 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://casinoconcept.my-free.website/v1.0/runtime/appmarket/render/3/50739575
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-websitebuilder-20444/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d19c3d52f758a41c89c4041cc751f203556ddb7810f0c58aeda7c8a89721083

Request headers

Referer
https://casinoconcept.my-free.website/blog/post/1050051/Gamemania-Cash-Gift
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 May 2023 19:51:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 07 May 2023 19:51:53 GMT
server
cloudflare
x-builder-tracking-id
4b0d39a889f34cb387d7c151a048d34b
vary
Accept-Encoding
x-worker-origin
skip-rule
content-type
application/json; charset=utf-8
cf-ray
7c3c0008bbda4179-LHR
x-worker-version
1.0.0
sdk-insights-tracker
in-app.mywebsitebuilder.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiODY2NzcwMWUyODMyNDVhYjk2MmJjMjkyZjRjZmIyZGMiLCJicmFuZCI6IndlYnNpdGVidWlsZGVyIiwiZXhwIjoxNjgzNTc1NTEzfQ._F0JPjyW8KlInKkplWIRCdXG_bqB_-q0ZnjksPzjG8o
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-websitebuilder-20444/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35e00051a8b84512de2e976927bcdcbfa55cc4035b47b7c1e0a1e09a110b905

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Oct 2019 09:38:44 GMT
server
cloudflare
etag
0x8D7592F1FA5BFFC
x-builder-tracking-id
1ecbd385f054459a8e72450f7ce2ffdc
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7c3c000d7d757783-LHR
x-builder-tracking-span-id
1ecbd385f054459a8e72450f7ce2ffdc
1050051
blog-viewer-api.mywebsitebuilder.com/v1.0/8b0fccf9dba44c52859a20851b8925e2/blog/posts/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://blog-viewer-api.mywebsitebuilder.com/v1.0/8b0fccf9dba44c52859a20851b8925e2/blog/posts/1050051
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-websitebuilder-20444/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c647c22f1fdb52eff6572432d9c7c04831ecfd45b0309ac5059766e06d765d2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:53 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
cf-cache-status
DYNAMIC
server
cloudflare
x-builder-tracking-id
cb3ade74-eb03-49d1-a8ef-71585dc802a0, cb3ade74-eb03-49d1-a8ef-71585dc802a0
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://casinoconcept.my-free.website
access-control-expose-headers
X-XSRF-TOKEN
access-control-allow-credentials
true
x-nf-tracking-id
0HMQ762AH8FBD:00000002
cf-ray
7c3c000d793871c8-LHR
x-builder-tracking-span-id
722b4891907d43a1a6a734e280d0eb52
/
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://casinoconcept.my-free.website
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://casinoconcept.my-free.website
Access-Control-Max-Age
3600
Content-Length
0
Date
Sun, 07 May 2023 19:51:53 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10
Requested by
Host: in-app.mywebsitebuilder.com
URL: https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiODY2NzcwMWUyODMyNDVhYjk2MmJjMjkyZjRjZmIyZGMiLCJicmFuZCI6IndlYnNpdGVidWlsZGVyIiwiZXhwIjoxNjgzNTc1NTEzfQ._F0JPjyW8KlInKkplWIRCdXG_bqB_-q0ZnjksPzjG8o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.92.180.208 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://casinoconcept.my-free.website/
accept-language
en-GB,en;q=0.9
Authorization
SharedAccessSignature sr=http%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1&sig=aHzH1lU9E85t228KrU5E7KEZvRHR0s52Hcwsg0LYypk%3D&se=1683492713.454&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://casinoconcept.my-free.website
Strict-Transport-Security
max-age=31536000
Date
Sun, 07 May 2023 19:51:53 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
play_now_3.jpg
mix-goapp.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mix-goapp.com/images/play_now_3.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.210.164.97 Los Angeles, United States, ASN204957 (GREENFLOID-AS, US),
Reverse DNS
ibmwa11182.vds
Software
nginx /
Resource Hash
12fb14086b71e7db4385a631d07977d2931a88ce9a0a6f45b2ef7b27090675d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 19:51:54 GMT
Last-Modified
Sun, 23 Jan 2022 23:34:20 GMT
Server
nginx
ETag
"61ede5fc-2628"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
9768
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0edac925068ba363b0162a85cb996dd3.jpg
i.pinimg.com/originals/0e/da/c9/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/0e/da/c9/0edac925068ba363b0162a85cb996dd3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e86a73065958eb8213bcfe4520ca07c0b2a22a71c113118efd52dd65a93918da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:54 GMT
x-cdn
fastly
etag
"d742afde4a5153427fba6a8300f27b20"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
1515936
sddefault.jpg
i.ytimg.com/vi/kLf_9-py6Yc/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/kLf_9-py6Yc/sddefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fef84b7a453b717db95678e1aaded73ef3a3e58c6d7771798767bc2ba298fea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:53 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80844
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 07 May 2023 21:51:53 GMT
EIRAHUEXUAA4Bwq.jpg
pbs.twimg.com/media/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/EIRAHUEXUAA4Bwq.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (bsa/EB1B) /
Resource Hash
d6cf65885e1ecc322b326940d4ee0f755da43f5cb7f6c96f11abb15148ecc62a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:54 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
113010
x-response-time
49
surrogate-key
media media/bucket/5 media/1190146695922929664
last-modified
Fri, 01 Nov 2019 05:58:58 GMT
server
ECS (bsa/EB1B)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
370e0a2dd557f581
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
de363f3b7e1e22dbade54f1b2e60aef852f32e3fbcf22525d6560daf24434b05
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
0fgjhsomt58a6dvfc.jpg
netstorage-tuko.akamaized.net/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netstorage-tuko.akamaized.net/images/0fgjhsomt58a6dvfc.jpg?impolicy=cropped-image&imwidth=256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-90.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
13325617df9693cdfd814eb727969decec9ebb87e866afa036a789cf743715f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:51:53 GMT
last-modified
Wed, 16 Nov 2022 23:45:57 GMT
server
Akamai Image Manager
etag
"ef1b09d0692fdb009ab00cbe1bc3ecb4:1540862775.068595"
content-type
image/jpeg
cache-control
no-transform, max-age=31622400
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6310
expires
Tue, 07 May 2024 19:51:53 GMT
255825496.jpg
compufree966.weebly.com/uploads/1/3/6/8/136893668/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compufree966.weebly.com/uploads/1/3/6/8/136893668/255825496.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-2.weebly.com
Software
nginx /
Resource Hash
76f36311eaf7cb7597c1075bc7e97a37e1c5d962ec205afc731fe0948abcfbc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://casinoconcept.my-free.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sun, 07 May 2023 19:51:54 GMT
X-Storage-Object
76f36311eaf7cb7597c1075bc7e97a37e1c5d962ec205afc731fe0948abcfbc6
Last-Modified
Tue, 30 Mar 2021 04:00:57 GMT
Server
nginx
x-amz-request-id
tx0000068d6b8a22e8df89b-006458015a-da075c0-sfo1
ETag
"1475d4435763511c07319c7a62284f8c"
Content-Type
image/jpeg
x-rgw-object-type
Normal
X-Storage-Bucket
z76f3
X-Host
blu56.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110843

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| __features object| _featureSettings object| _page object| _WP_JSONP object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| _xsrfToken function| Velocity object| _GoogleMapsApi boolean| _isPublished object| _site function| __bi__ object| _feature_events function| showModal object| _zoomUpdateEvents object| EventHubHistory

2 Cookies

Domain/Path Name / Value
casinoconcept.my-free.website/ Name: app_key
Value: A1CA0189-6512-6119-FC4A-C6F4BE5F7286/1683489113453
casinoconcept.my-free.website/ Name: app_ses_key
Value: 3D361A3F-E832-3202-8860-86BD609FA0D1%3A1683489113453%3A%25blog%25post%251050051%25Gamemania-Cash-Gift/none

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog-viewer-api.mywebsitebuilder.com
casinoconcept.my-free.website
components.mywebsitebuilder.com
compufree966.weebly.com
fonts.googleapis.com
fonts.gstatic.com
i.pinimg.com
i.ytimg.com
in-app.mywebsitebuilder.com
in-us-east-event-hubs.servicebus.windows.net
mix-goapp.com
netstorage-tuko.akamaized.net
pbs.twimg.com
runtime.builderservices.io
13.92.180.208
199.34.228.54
23.50.131.90
2606:2800:220:13d:2176:94a:948:148e
2606:4700::6811:e5a8
2606:4700::6812:6010
2606:4700::6812:6110
2606:4700::6812:f258
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2016
2a00:1450:4001:812::2003
2a04:4e42:8e::84
35.190.14.35
91.210.164.97
12fb14086b71e7db4385a631d07977d2931a88ce9a0a6f45b2ef7b27090675d9
13325617df9693cdfd814eb727969decec9ebb87e866afa036a789cf743715f3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c647c22f1fdb52eff6572432d9c7c04831ecfd45b0309ac5059766e06d765d2
2d19c3d52f758a41c89c4041cc751f203556ddb7810f0c58aeda7c8a89721083
373daf550a047ef6fd0b357f20b1687703674427a87053d4801b1b6ca27e90ab
4ac8cdfd666fa149dc9c07000c4f0fc146ebf0e7e97acc1a1a2b0682d5f55145
76f36311eaf7cb7597c1075bc7e97a37e1c5d962ec205afc731fe0948abcfbc6
79e2b5802a295b2d2154bed810196a8dbc3d1b1e1bf9c0dac8ed41d4f7aee85e
ae9df3c9741e96b2e8684ddb90d2f6ed0fb279c550a94fd0a7b13a1c09b3ef4b
bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1
d35e00051a8b84512de2e976927bcdcbfa55cc4035b47b7c1e0a1e09a110b905
d6cf65885e1ecc322b326940d4ee0f755da43f5cb7f6c96f11abb15148ecc62a
d7ee85d5b7f72deba9cbf17e9e07ae06b0b866d6cad9048388c9d4a886f32243
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86a73065958eb8213bcfe4520ca07c0b2a22a71c113118efd52dd65a93918da
ee722fbe14fb1d4f9be819f751060dac917300406c95b2aa67289ba7f493b7ea
f9c6a391defb9a18895b9367eb074b3d05f77fb079efa80ff1b300850643f1c3
fef84b7a453b717db95678e1aaded73ef3a3e58c6d7771798767bc2ba298fea2