urlscan.io logo urlscan.io
SecurityTrails logo

c18web.ah679.com Open in urlscan Pro
2606:4700:4400::ac40:95dc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://k8uat.live/
Effective URL: https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Submission: On October 30 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700:4400::ac40:95dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is c18web.ah679.com.
TLS certificate: Issued by E6 on September 27th 2024. Valid for: 3 months.
This is the only time c18web.ah679.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
16 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
17 3
Apex Domain
Subdomains		 Transfer
16 ah679.com
c18web.ah679.com
528 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
77 KB
1 k8uat.live
k8uat.live
755 B
17 3
Domain Requested by
16 c18web.ah679.com c18web.ah679.com
1 code.jquery.com c18web.ah679.com
1 k8uat.live 1 redirects
17 3

This site contains links to these domains. Also see Links.

Domain
tw.wordpress.org
Subject Issuer Validity Valid
ah679.com
E6		 2024-09-27 -
2024-12-26		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Frame ID: EE7F2C06C1DC20BBED880EED28F22316
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

登入 ‹ k8 — WordPress

Page URL History Show full URLs

  1. https://k8uat.live/ HTTP 302
    https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

636 kB
Transfer

1384 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://k8uat.live/ HTTP 302
    https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wp-login.php
c18web.ah679.com/crypto-casino-insider/
Redirect Chain
  • https://k8uat.live/
  • https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd7f22605989e8ad516de1cbf77052a2a67bcce6a75f4f56d80b71b039e1849
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8daa248e9f996aa3-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Oct 2024 08:47:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajptDeqoieoPPIKZlBULEwjBO%2FSFB7JwDcvfyp7bswtPJGF%2BbajR7RdZfwEJp32QQJ5B7WKA%2Bq%2FJez60b8xM0ZX3E5X1d3p5xrUNleUSNvBXx1%2FKd0GC38lBe0qJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=1750&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1430&delivery_rate=801365&cwnd=251&unsent_bytes=0&cid=1353e9a7bda63c6f&ts=411&x=0"
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding accept-encoding
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8daa248a89360e32-AMS
content-type
text/html; charset=UTF-8
date
Wed, 30 Oct 2024 08:47:49 GMT
link
<https://c18web.ah679.com/crypto-casino-insider/wp-json/>; rel="https://api.w.org/"
location
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meNlXQhM17xKlMPgEElVgjPoit5IbVWbb3sV3PpGthR9zW6%2FWNAi3b3M4GpBDic61y26oO%2BfqCf6pH9CodokvBrdHGeqN7KEJ9AWoI%2Fe6a%2FAkAxQaCC4qOb2G9G2ihkyYvP56Fc0xl2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15427&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2278&delivery_rate=260546&cwnd=253&unsent_bytes=0&cid=c93725dce76f4409&ts=213&x=0"
x-redirect-by
WordPress
speculation
c18web.ah679.com/cdn-cgi/ 		128 B
245 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://c18web.ah679.com
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

cf-ray
8daa2492cc4f6aa3-AMS
access-control-allow-origin
https://c18web.ah679.com
content-length
128
date
Wed, 30 Oct 2024 08:47:50 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
load-styles.php
c18web.ah679.com/crypto-casino-insider/wp-admin/ 		101 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-admin/load-styles.php?c=1&dir=ltr&load%5Bchunk_0%5D=dashicons,buttons,forms,l10n,login&ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3ecf12ffd84609ab476e43b23684bd3357c1aa2ab968799a0ee8314240eff4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"e602cf00b8da8e51a642fbc06c7b093e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2L2s1ZfoDprCvpyJFWNBmPRmR2K3EB%2FwqeVlSgk2FctgjNQn1bQ%2BmvjMarf72nUYeF3I%2BZDusn4pE%2FLWc797bmE9QG602JTZVD5aDjSem3lOsPdoZm6dokD0LPg"}],"group":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa2492cc426aa3-AMS
expires
Thu, 30 Oct 2025 08:47:51 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1976&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1666&delivery_rate=715083&cwnd=251&unsent_bytes=0&cid=2c8f86e2f20abaf7&ts=838&x=0"
access-control-allow-origin
*
date
Wed, 30 Oct 2024 08:47:51 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding, accept-encoding
server
cloudflare
style.css
c18web.ah679.com/crypto-casino-insider/wp-content/plugins/wp-limit-login-attempts/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-content/plugins/wp-limit-login-attempts/style.css?ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01805bcf8c38469fe622bb03e45b3472b37958b3e52ac5bbbf373d5d967c1b16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6721efd5-980"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DCTJh2UHLq1%2Bj4qUe2YKOIvIXomlwcu8Zc4HRwTIrfGYVyQRJaFULA%2Bkjiv7M673eOlgeUwfHdWCHwfZV8ECEuU9Q7OMwCO7TDnf9kvoKo15tj%2FFWmYsXFFUIWF"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:50 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1698&sent=3&recv=7&lost=0&retrans=0&sent_bytes=338&recv_bytes=3206&delivery_rate=848704&cwnd=251&unsent_bytes=0&cid=9ac82741e194894f&ts=636&x=0"
date
Wed, 30 Oct 2024 08:47:50 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 08:35:33 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa2492cc486aa3-AMS
access-control-allow-origin
*
server
cloudflare
captcha.php
c18web.ah679.com/crypto-casino-insider/wp-content/plugins/wp-limit-login-attempts// 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-content/plugins/wp-limit-login-attempts//captcha.php
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da6cf6513d4592898232ab6a5532faf6a1a9668c27cce960424322d4de6f3d53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDsobHYN3%2Ftoy41wvDKrzPy3uE6sblIoRCZJS2mcLv0MVoC%2FvGnO8gFflo9Cv9gxjHqKmPeoZnk1N3T3gU17mT2giuFEy0Z8mxQlEqz8Hr5tgdhYp28Fu8ScAR6l"}],"group":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa2492cc4b6aa3-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1362&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1674&delivery_rate=1036055&cwnd=77&unsent_bytes=0&cid=536671e542014812&ts=639&x=0"
access-control-allow-origin
*
date
Wed, 30 Oct 2024 08:47:51 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
rocket-loader.min.js
c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67180f7e-302c"
x-content-type-options
nosniff
cf-ray
8daa2492dc616aa3-AMS
expires
Fri, 01 Nov 2024 08:47:50 GMT
date
Wed, 30 Oct 2024 08:47:50 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 20:47:58 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
user-profile.min.js
c18web.ah679.com/crypto-casino-insider/wp-admin/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-admin/js/user-profile.min.js?ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c069ceb5898db820b7b4a97a1292b3e58b0cba8509720f68ecdc7c8a8fd0b6a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3285-196b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4vXqTHrHoFUk9QFhskgC7D4PD%2Bv2bqo5XIpfXGnhP16QpyVYt%2F9UhUedZXBm7AYHz6dTt529cogywhin8MxWSLDtzBGeAyMLcDRjJVmrft%2F4fUNOosQiPmb%2Fee5"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1177&sent=3&recv=7&lost=0&retrans=0&sent_bytes=143&recv_bytes=2756&delivery_rate=1228621&cwnd=251&unsent_bytes=0&cid=1f1a2c48ca00651d&ts=625&x=0"
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:57 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d884d6aa3-AMS
access-control-allow-origin
*
server
cloudflare
wp-util.min.js
c18web.ah679.com/crypto-casino-insider/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-includes/js/wp-util.min.js?ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3284-592"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnw596ObTZqLkmGNVKcjkLAVsJHZfkiSEN9j1Pwmuv5dugvNptz8iQuMURJxamx6v219zdMxvwNxMZ2SgunaKgTSPM4QpQHGL1iURpZvqHwbyxQT%2F2JV1KNCa3jO"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1272&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1734&delivery_rate=1115689&cwnd=31&unsent_bytes=0&cid=e60e7f8451fa2d00&ts=631&x=0"
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:56 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d884e6aa3-AMS
access-control-allow-origin
*
server
cloudflare
underscore.min.js
c18web.ah679.com/crypto-casino-insider/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3284-4991"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0wCzcrjDo6je5ZqxvL0MnUCz%2Fm22eMS2pMdGXM4pibC4xuV63d4T5KA%2Bfu6mUEKR61uOiAPvvC%2ByqRAA3yTCTGGGJHYh2li%2BamwPEYk5Mwx8rqr44mcEQ7bu%2FDT"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1222&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1734&delivery_rate=1175292&cwnd=251&unsent_bytes=0&cid=3f874c12aa48a540&ts=639&x=0"
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:56 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d88506aa3-AMS
access-control-allow-origin
*
server
cloudflare
password-strength-meter.min.js
c18web.ah679.com/crypto-casino-insider/wp-admin/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-admin/js/password-strength-meter.min.js?ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3285-463"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2m%2FTAbIqfyZCSl1EcMAomwNYAEZ0xEy9lx7PMWgPCkx%2B2ym%2B%2BJjekAxU7wonRj0vQ2LdP7%2B%2BBqEp8ABlOxcCC8%2Bhy3HIRIN%2BjIsfJOf9gqDULLrcq6ZMlDYXnEy"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1434&sent=3&recv=7&lost=0&retrans=0&sent_bytes=143&recv_bytes=2767&delivery_rate=980501&cwnd=104&unsent_bytes=0&cid=df00b6725d04d7cc&ts=626&x=0"
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:57 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d88516aa3-AMS
access-control-allow-origin
*
server
cloudflare
i18n.min.js
c18web.ah679.com/crypto-casino-insider/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3284-23b5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABCrk1p8hbJKE2PmHSppGY%2FoMU1Ql3h62YdAifreRs7OnBtvpcJHs5D1EbwRMJVh8UoMoZsxR5MySUUZewlX2nnRP6QCa%2Bth9%2BW3FmT6g90kfbFi%2BMXp4MIMrqq0"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1252&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1749&delivery_rate=1120127&cwnd=251&unsent_bytes=0&cid=e115cc96764c19c2&ts=634&x=0"
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:56 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d88526aa3-AMS
access-control-allow-origin
*
server
cloudflare
load-scripts.php
c18web.ah679.com/crypto-casino-insider/wp-admin/ 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-admin/load-scripts.php?c=1&load%5Bchunk_0%5D=jquery-core,jquery-migrate,zxcvbn-async,wp-hooks&ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d0d092f45553d17992b4b6ea0c005af1a63d3e4fb56f9a058f07d8adeea2d14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"536c56bf3dbc075b9c1c97c6100b81a0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbFtJ0XIqZeAmxACoSlLyA2ncbjvNUZ2xYgYTZQfrfawRbq01oJDxjPZ5zxKlMjfEX1mhc2QO1IbUR7MCpsjnNcrpGT8mkzx9OU8iEUvDPLV1seh3edfufA%2BlfYk"}],"group":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d88536aa3-AMS
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1352&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1663&delivery_rate=1078101&cwnd=234&unsent_bytes=0&cid=09bb0afd4710417b&ts=417&x=0"
access-control-allow-origin
*
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, accept-encoding
server
cloudflare
main.js
c18web.ah679.com/crypto-casino-insider/wp-content/plugins/wp-limit-login-attempts/js/ 		538 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-content/plugins/wp-limit-login-attempts/js/main.js?ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46a10bbcaacd9fcf5234660d2697b23c932514db857a623ed11ab693f06c367

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6721efd5-21a"
age
6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgc5VCpUJFYwZkeg70vlN2TeqHhe2Fk4fPcILmweEEA%2FLaq8GsFJrfxmSsgHxTGzpVtlDy8Y%2BQLxmq3DqgVaXtXWBPs2Cz5eh7YWczTTFph%2B0y5OjEJ%2FbNPMgA73"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:51 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1524&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1747&delivery_rate=894536&cwnd=251&unsent_bytes=0&cid=4d3d4d7329feced4&ts=638&x=0"
date
Wed, 30 Oct 2024 08:47:51 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 08:35:33 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d88546aa3-AMS
access-control-allow-origin
*
server
cloudflare
jquery-1.8.2.js
code.jquery.com/ 		259 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.8.2.js?ver=6.6.2
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-40c02"
age
2498642
x-cache
HIT, HIT
date
Wed, 30 Oct 2024 08:47:51 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
2074, 214
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga13627-LGA, cache-ams2100142-AMS
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730278072.955785,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
78587
server
nginx
wordpress-logo.svg
c18web.ah679.com/crypto-casino-insider/wp-admin/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-admin/images/wordpress-logo.svg?ver=20131107
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/crypto-casino-insider/wp-admin/load-styles.php?c=1&dir=ltr&load%5Bchunk_0%5D=dashicons,buttons,forms,l10n,login&ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-admin/load-styles.php?c=1&dir=ltr&load%5Bchunk_0%5D=dashicons,buttons,forms,l10n,login&ver=6.6.2

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3285-5f1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFKJF2qymEUsdE2R9WC76d%2FKTKnNh%2BNBk%2F6CrAAoiMQkhfH5E0hb8RTpDuvXyC%2BUgcPOnjSUZ7uGADC%2FKGHV2OgkwHnvx99PiQLZDOYsCuym51Np9%2ByB65XhYDNm"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:52 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=856&sent=3&recv=6&lost=0&retrans=0&sent_bytes=338&recv_bytes=1845&delivery_rate=1562708&cwnd=251&unsent_bytes=0&cid=20e8f3495125b97a&ts=627&x=0"
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:57 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa249d88556aa3-AMS
access-control-allow-origin
*
server
cloudflare
truncated
/ 		122 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20a2c94142925d780f27b444d4766f6ec61bbdf80cb344e8ca7b064af87f5422

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://c18web.ah679.com
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
favicon.ico
c18web.ah679.com/ 		16 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b68a2d81cc140125a19a4f2bb9b94eb3c77dbc6df707a157edeb984cd8e6e6
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
speculation-rules
"/cdn-cgi/speculation"
cf-ray
8daa24a1fd856aa3-AMS
expires
Wed, 30 Oct 2024 12:47:52 GMT
access-control-allow-origin
*
date
Wed, 30 Oct 2024 08:47:52 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
last-modified
Wed, 30 Oct 2024 07:11:10 GMT
x-frame-options
ON
zxcvbn.min.js
c18web.ah679.com/crypto-casino-insider/wp-includes/js/ 		803 KB
403 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c18web.ah679.com/crypto-casino-insider/wp-includes/js/zxcvbn.min.js
Requested by
Host: c18web.ah679.com
URL: https://c18web.ah679.com/crypto-casino-insider/wp-admin/load-scripts.php?c=1&load%5Bchunk_0%5D=jquery-core,jquery-migrate,zxcvbn-async,wp-hooks&ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://c18web.ah679.com/crypto-casino-insider/wp-login.php?redirect_to=https%3A%2F%2Fk8uat.live%2F

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a3284-c8bdd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoT%2FYDCmbBuNpwStwni38m%2F%2FOKPtoYNn7a%2BlBuN7OlJJNvXUd3d1ssHQhwV4GTPOHHF7Wfr6gROk1LU7C%2B4Okq5CUEmptm69f45WA9dBi1SkEnQVHJ2XXgf%2BnjpN"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 Oct 2025 08:47:53 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1271&sent=3&recv=7&lost=0&retrans=0&sent_bytes=143&recv_bytes=2726&delivery_rate=1073170&cwnd=251&unsent_bytes=0&cid=c643f5833a493994&ts=845&x=0"
date
Wed, 30 Oct 2024 08:47:53 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 11:41:56 GMT
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8daa24a2dea86aa3-AMS
access-control-allow-origin
*
server
cloudflare

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| $ function| jQuery string| popup_flag function| wp_attempt_focus object| _zxcvbnSettings object| wp function| sprintf function| vsprintf object| pwsL10n function| passwordStrength function| _ object| _wpUtilSettings object| userProfileL10n function| generatePassword boolean| __cfRLUnblockHandlers object| d function| zxcvbn

3 Cookies

Domain/Path Name / Value
c18web.ah679.com/crypto-casino-insider/ Name: wordpress_test_cookie
Value: WP%20Cookie%20check
c18web.ah679.com/ Name: PHPSESSID
Value: pbd82jlmr75mcrie1i3nc8aefo
.c18web.ah679.com/ Name: __cf_bm
Value: 2LEmYsanH7h86hQMWSs.WdvlCV5UrH4qR_80NBqPoEI-1730278070-1.0.1.1-cofqV0FrzBpJ4wB2l6YcqNInKT3H07n_i1N3pRzkhvKN41dnYS2g70wYI.PurT1V0Bni9MwlYtpTIUfTUX11FQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c18web.ah679.com
code.jquery.com
k8uat.live
2606:4700:4400::ac40:95dc
2a04:4e42:600::649
2a06:98c1:3121::3
01805bcf8c38469fe622bb03e45b3472b37958b3e52ac5bbbf373d5d967c1b16
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
20a2c94142925d780f27b444d4766f6ec61bbdf80cb344e8ca7b064af87f5422
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3bd7f22605989e8ad516de1cbf77052a2a67bcce6a75f4f56d80b71b039e1849
6d0d092f45553d17992b4b6ea0c005af1a63d3e4fb56f9a058f07d8adeea2d14
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b
b46a10bbcaacd9fcf5234660d2697b23c932514db857a623ed11ab693f06c367
c069ceb5898db820b7b4a97a1292b3e58b0cba8509720f68ecdc7c8a8fd0b6a2
c7b68a2d81cc140125a19a4f2bb9b94eb3c77dbc6df707a157edeb984cd8e6e6
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfa69516375e27e56519cae71f28818e0e52515b70e705a600d1db459998335a
da6cf6513d4592898232ab6a5532faf6a1a9668c27cce960424322d4de6f3d53
daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b
df3ecf12ffd84609ab476e43b23684bd3357c1aa2ab968799a0ee8314240eff4
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac