urlscan.io logo urlscan.io
SecurityTrails logo

www.safeonlinecasinos.com Open in urlscan Pro
109.203.100.23  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.safeonlinecasinos.com/
Submission: On May 02 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 109.203.100.23, located in United Kingdom and belongs to NODE4-AS, GB. The main domain is www.safeonlinecasinos.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 1st 2020. Valid for: 3 months.
This is the only time www.safeonlinecasinos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 109.203.100.23 31727 (NODE4-AS)
3 2606:4700:303... 13335 (CLOUDFLAR...)
11 23.229.227.38 26496 (AS-26496-...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 5
5    109.203.100.23 (United Kingdom)

ASN31727 (NODE4-AS, GB)
www.safeonlinecasinos.com
3    2606:4700:3036::6812:2a6f (United States)

ASN13335 (CLOUDFLARENET, US)
www.banner-tracking.com
11    23.229.227.38 (Las Vegas, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-23-229-227-38.ip.secureserver.net
www.banner-secure.com
4    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:81f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
Domain Requested by
11 www.banner-secure.com www.safeonlinecasinos.com
5 www.safeonlinecasinos.com www.safeonlinecasinos.com
4 apis.google.com www.safeonlinecasinos.com
apis.google.com
3 www.banner-tracking.com www.safeonlinecasinos.com
1 accounts.google.com apis.google.com
24 5

This site contains links to these domains. Also see Links.

Domain
www.secure-bonus.com
www.banner-secure.com
www.casino-on-line.com
twitter.com
Subject Issuer Validity Valid
safeonlinecasinos.com
cPanel, Inc. Certification Authority		 2020-02-01 -
2020-05-01		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
accounts.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.safeonlinecasinos.com/
Frame ID: 4952A6E67078B2830BB97E9A29E42578
Requests: 22 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=https%3A%2F%2Fwww.safeonlinecasinos.com&url=http%3A%2F%2Fwww.safeonlinecasinos.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
Frame ID: 880156DFD464E4E72E3FCEE406D6EF4D
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.safeonlinecasinos.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
Frame ID: FA3D2151A8BB52F5CB0A311A8E946628
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

24
Requests

21 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

322 kB
Transfer

499 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.safeonlinecasinos.com/ 		21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software
Apache /
Resource Hash
b7712ede008484203f46d4a6d8991d0508d2c57f6197151820eb9cffe9770760

Request headers

Host
www.safeonlinecasinos.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Server
Apache
Last-Modified
Fri, 12 Feb 2016 23:12:35 GMT
Accept-Ranges
bytes
Content-Length
21937
Connection
close
Content-Type
text/html
xsp_styles.css
www.safeonlinecasinos.com/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.safeonlinecasinos.com/xsp_styles.css
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software
Apache /
Resource Hash
8c2227fccc5510c4d3acffd071589bc170a340bc4980f034f7db2209d7ddfb78

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Tue, 15 Sep 2015 13:44:32 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
7348
Content-Type
text/css
safecasinos.gif
www.safeonlinecasinos.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safeonlinecasinos.com/images/safecasinos.gif
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software
Apache /
Resource Hash
038a95575f9cd413e1b2273ba4facf944f138ad310cf74b9615aef65c8d01334

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Sun, 17 Nov 2013 07:43:00 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
4066
Content-Type
image/gif
1_22.png
www.banner-tracking.com/images/888/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-tracking.com/images/888/1_22.png
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6812:2a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b23620c6070cf66803ce99e8c862fa4f779ce228d3088cbd7ca20848bf904cf

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 06 Nov 2013 21:36:22 GMT
Server
cloudflare
Age
1456
X-Server-Cache
true
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
58cd8b44b8b5d6dd-FRA
Content-Length
1616
cf-request-id
0274555eee0000d6dd0f21b200000001
X-Proxy-Cache
EXPIRED
CASINO88.jpg
www.banner-tracking.com/images/888/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-tracking.com/images/888/CASINO88.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6812:2a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e1fabd4d2cfeca9ed1151d8c25113640f6abe9e9e43d018b4b419f8f514191

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 04 Apr 2017 15:34:08 GMT
Server
cloudflare
Age
1456
X-Server-Cache
true
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
58cd8b44cd3905c8-FRA
Content-Length
31272
cf-request-id
0274555ef9000005c870a6e200000001
X-Proxy-Cache
EXPIRED
g2.gif
www.banner-secure.com/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/g2.gif
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
c7da371d7c24b47a99055cf54826d53ddd2c57e14bcb2f7e166a1ecac2053429

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Thu, 23 Nov 2017 20:33:18 GMT
Server
Apache
ETag
"b02deee-3d20-55eac58aaa7dc"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
15648
g1.gif
www.banner-secure.com/images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/g1.gif
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
80d45777902ae4f55a9dcc9e4b3cbc6af9f856e0f1cf2f05cae828509d2be068

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Thu, 02 Nov 2017 23:54:35 GMT
Server
Apache
ETag
"b02016b-829f-55d08b5de4974"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
33439
c-10.jpg
www.banner-secure.com/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-10.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
da97b8a99a16ad287a039546ae89793fcd1a84702c54aa5b5a651e9f01187db5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Wed, 13 Sep 2017 23:58:45 GMT
Server
Apache
ETag
"b02de42-3d28-5591af0ade734"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
15656
b.jpg
www.banner-secure.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/b.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
2afae59f435d6b09e725c938d2c16fa03b2ba411642a05d9e630201254657615

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Thu, 14 Sep 2017 00:40:29 GMT
Server
Apache
ETag
"b02de51-b31-5591b85f0e70b"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
2865
c-20.jpg
www.banner-secure.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-20.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
5e5fa8e7ab2305ef7de664df55f376033cb2ffe123377770fe6099490f531738

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Thu, 14 Sep 2017 00:14:59 GMT
Server
Apache
ETag
"b02de49-34a3-5591b2ab823e0"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
13475
c-70.jpg
www.banner-secure.com/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-70.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
a09d58eb95533f7effcee46ad4242cb71f841f84adf0e5bddc19145714c9586f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Thu, 14 Sep 2017 00:05:58 GMT
Server
Apache
ETag
"b02de43-1e69-5591b0a79e8db"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
7785
c-30.jpg
www.banner-secure.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-30.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
b31764fc5fd136f72379d124b0e8fcb555d6fbe71cb6454f35b1b7c5d9c4f91a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:47 GMT
Last-Modified
Thu, 14 Sep 2017 00:13:46 GMT
Server
Apache
ETag
"b02de46-1c54-5591b26646fca"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
7252
c-40.jpeg
www.banner-secure.com/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-40.jpeg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
c2f48020e7762aba8c5ea4b2df197540d1d157a5ff7f61bc543b0a2b5ae09f96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:47 GMT
Last-Modified
Thu, 14 Sep 2017 00:17:22 GMT
Server
Apache
ETag
"b02de4b-2d12-5591b33473d67"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
11538
Parklane.png
www.safeonlinecasinos.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safeonlinecasinos.com/images/Parklane.png
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software
Apache /
Resource Hash
647269bd24414259496d0a164d34153166b1a177753ad228b034889ed2f4a86a

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Tue, 15 Sep 2015 13:44:32 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
5775
Content-Type
image/png
c-50.jpeg
www.banner-secure.com/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-50.jpeg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
28f4a905066d19420764714c41d172472f00fece4ee0eefb2957b7ba9425d04e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:47 GMT
Last-Modified
Thu, 14 Sep 2017 00:27:56 GMT
Server
Apache
ETag
"b02de4e-356b-5591b59054739"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
13675
c-60.jpg
www.banner-secure.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-60.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
9d278ef8e06cb5f662bb6bc16e4ee8325d1f0b4dfa0d74e2833f7497f76f182c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:47 GMT
Last-Modified
Thu, 14 Sep 2017 00:37:34 GMT
Server
Apache
ETag
"b02de53-195e-5591b7b830c62"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
6494
c-90.jpg
www.banner-secure.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-secure.com/images/c-90.jpg
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
23.229.227.38 Las Vegas, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-23-229-227-38.ip.secureserver.net
Software
Apache /
Resource Hash
19cc0e06333d66cb8dfa0439a40d36464c2d055c5d3775c8268c5c1b2cbc919d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:47 GMT
Last-Modified
Thu, 14 Sep 2017 00:37:25 GMT
Server
Apache
ETag
"b02de50-2f6a-5591b7af942a6"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
12138
02casino.gif
www.banner-tracking.com/images/GENERIC/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.banner-tracking.com/images/GENERIC/02casino.gif
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6812:2a6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d2cd9532f9da452242cfab08abdb82ac36f28db73e54a6ec37a5f40c655c2f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 02 Sep 2015 12:55:02 GMT
Server
cloudflare
Age
1456
X-Server-Cache
true
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
58cd8b44cc1c1f15-FRA
Content-Length
7341
cf-request-id
0274555eff00001f1570a4b200000001
X-Proxy-Cache
EXPIRED
twitterl.png
www.safeonlinecasinos.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.safeonlinecasinos.com/images/twitterl.png
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.203.100.23 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software
Apache /
Resource Hash
bcf2410bf66e08f6791f6721403c2e63162128836c512eba8b484a060dfccfdb

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 00:14:46 GMT
Last-Modified
Sun, 17 Nov 2013 07:42:59 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1176
Content-Type
image/png
plusone.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.safeonlinecasinos.com
URL: https://www.safeonlinecasinos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c763d7a97b77a30e3a372b33399781df13057447b31f4a8434018ca0425e84d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z2nB6IUx/Tt9W2LMOqOQ1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 00:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"5f9d292e21463dcdac45eb1487faa3a1"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-z2nB6IUx/Tt9W2LMOqOQ1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 02 May 2020 00:14:46 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf37b78fd604e647f57bec664ab832197cdee0e87ed3c16bb8ae3f428c9554a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 26 Apr 2020 08:30:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 19:43:27 GMT
server
sffe
age
488636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50286
x-xss-protection
0
expires
Mon, 26 Apr 2021 08:30:50 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aae2235d2b0e1dea56ba50a7f35de53cfa0b5ee522ed77ffec5d92548ea3828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safeonlinecasinos.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 12:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 19:43:27 GMT
server
sffe
age
1511468
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33604
x-xss-protection
0
expires
Wed, 14 Apr 2021 12:23:38 GMT
fastbutton
apis.google.com/se/0/_/+1/ Frame 8801 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=https%3A%2F%2Fwww.safeonlinecasinos.com&url=http%3A%2F%2Fwww.safeonlinecasinos.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dygaGA8bBf5hTmP5JTFjTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&origin=https%3A%2F%2Fwww.safeonlinecasinos.com&url=http%3A%2F%2Fwww.safeonlinecasinos.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.safeonlinecasinos.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=203=qPoMfIBYkVoG4Vo7NkaNKIl0LF7L-WeePVlUbI2ku-fp6b_Bcoq2t47_bEzVDEraB4tNAHRPsm9PY3m5oh3tb61ClYCbs9ChZntOJwOUlawaT0V20DzOSs81bbtsSVq6YxOIOQkp_i9dP7Mt9em5EMZP4-Lj23zOJbhGEXlbC3c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.safeonlinecasinos.com/

Response headers

status
404
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 02 May 2020 00:14:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-dygaGA8bBf5hTmP5JTFjTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postmessageRelay
accounts.google.com/o/oauth2/ Frame FA3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.safeonlinecasinos.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N0yh6IxFFcDOU1a9Bs+eWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.safeonlinecasinos.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.safeonlinecasinos.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=203=qPoMfIBYkVoG4Vo7NkaNKIl0LF7L-WeePVlUbI2ku-fp6b_Bcoq2t47_bEzVDEraB4tNAHRPsm9PY3m5oh3tb61ClYCbs9ChZntOJwOUlawaT0V20DzOSs81bbtsSVq6YxOIOQkp_i9dP7Mt9em5EMZP4-Lj23zOJbhGEXlbC3c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.safeonlinecasinos.com/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 02 May 2020 00:14:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-N0yh6IxFFcDOU1a9Bs+eWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| popunder string| winfeatures number| once_per_session function| get_cookie function| loadornot function| loadpopunder object| win2 object| gapi object| ___jsl object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| oauth2

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 203=qPoMfIBYkVoG4Vo7NkaNKIl0LF7L-WeePVlUbI2ku-fp6b_Bcoq2t47_bEzVDEraB4tNAHRPsm9PY3m5oh3tb61ClYCbs9ChZntOJwOUlawaT0V20DzOSs81bbtsSVq6YxOIOQkp_i9dP7Mt9em5EMZP4-Lj23zOJbhGEXlbC3c
www.safeonlinecasinos.com/ Name: popunder
Value: yes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
www.banner-secure.com
www.banner-tracking.com
www.safeonlinecasinos.com
109.203.100.23
23.229.227.38
2606:4700:3036::6812:2a6f
2a00:1450:4001:81a::200e
2a00:1450:4001:81f::200d
038a95575f9cd413e1b2273ba4facf944f138ad310cf74b9615aef65c8d01334
0aae2235d2b0e1dea56ba50a7f35de53cfa0b5ee522ed77ffec5d92548ea3828
0c763d7a97b77a30e3a372b33399781df13057447b31f4a8434018ca0425e84d
19cc0e06333d66cb8dfa0439a40d36464c2d055c5d3775c8268c5c1b2cbc919d
20e1fabd4d2cfeca9ed1151d8c25113640f6abe9e9e43d018b4b419f8f514191
22d2cd9532f9da452242cfab08abdb82ac36f28db73e54a6ec37a5f40c655c2f
28f4a905066d19420764714c41d172472f00fece4ee0eefb2957b7ba9425d04e
2afae59f435d6b09e725c938d2c16fa03b2ba411642a05d9e630201254657615
4b23620c6070cf66803ce99e8c862fa4f779ce228d3088cbd7ca20848bf904cf
5e5fa8e7ab2305ef7de664df55f376033cb2ffe123377770fe6099490f531738
647269bd24414259496d0a164d34153166b1a177753ad228b034889ed2f4a86a
80d45777902ae4f55a9dcc9e4b3cbc6af9f856e0f1cf2f05cae828509d2be068
8c2227fccc5510c4d3acffd071589bc170a340bc4980f034f7db2209d7ddfb78
9d278ef8e06cb5f662bb6bc16e4ee8325d1f0b4dfa0d74e2833f7497f76f182c
a09d58eb95533f7effcee46ad4242cb71f841f84adf0e5bddc19145714c9586f
b31764fc5fd136f72379d124b0e8fcb555d6fbe71cb6454f35b1b7c5d9c4f91a
b7712ede008484203f46d4a6d8991d0508d2c57f6197151820eb9cffe9770760
bcf2410bf66e08f6791f6721403c2e63162128836c512eba8b484a060dfccfdb
c2f48020e7762aba8c5ea4b2df197540d1d157a5ff7f61bc543b0a2b5ae09f96
c7da371d7c24b47a99055cf54826d53ddd2c57e14bcb2f7e166a1ecac2053429
cf37b78fd604e647f57bec664ab832197cdee0e87ed3c16bb8ae3f428c9554a8
da97b8a99a16ad287a039546ae89793fcd1a84702c54aa5b5a651e9f01187db5