1weeya.top
154.197.121.1
Public Scan
Effective URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Submission: On October 22 via api from US — Scanned from CA
Summary
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.
This is the only time 1weeya.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 8 | 154.197.121.1 | 209242 (CLOUDFLARESPECTRUM Cloudflare) |
 | 25 | 154.197.121.128 | 209242 (CLOUDFLARESPECTRUM Cloudflare) |
 | 2 | 151.101.2.132 | 54113 (FASTLY) |
 | 6 | 209.85.232.97 | 15169 (GOOGLE) |
2 | 4 | 173.194.207.148 | 15169 (GOOGLE) |
 | 1 | 108.138.106.126 | 16509 (AMAZON-02) |
 | 1 | 18.164.96.77 | 16509 (AMAZON-02) |
 | 1 | 216.239.34.181 | 15169 (GOOGLE) |
 | 1 | 209.85.144.155 | 15169 (GOOGLE) |
 | 3 | 173.194.207.154 | 15169 (GOOGLE) |
 | 2 | 172.217.222.94 | 15169 (GOOGLE) |
 | 1 | 142.250.31.148 | 15169 (GOOGLE) |
 | 1 | 209.85.144.157 | 15169 (GOOGLE) |
 | 1 | 173.194.175.106 | 15169 (GOOGLE) |
 | 2 | 54.184.93.222 | 16509 (AMAZON-02) |
66 | 16 |
ASN | PTR | Hostnames |
---|---|---|
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US) | | v1.bundlecdn.com |
ASN15169 (GOOGLE, US) | qt-in-f97.1e100.net | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | qk-in-f148.1e100.net | 12572451.fls.doubleclick.net, 12688802.fls.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-108-138-106-126.jfk50.r.cloudfront.net | static.hotjar.com |
ASN16509 (AMAZON-02, US) | server-18-164-96-77.jfk50.r.cloudfront.net | script.hotjar.com |
ASN15169 (GOOGLE, US) | qv-in-f155.1e100.net | stats.g.doubleclick.net |
ASN15169 (GOOGLE, US) | qk-in-f154.1e100.net | td.doubleclick.net |
ASN15169 (GOOGLE, US) | qv-in-f157.1e100.net | googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | ec2-54-184-93-222.us-west-2.compute.amazonaws.com | api2.amplitude.com |
Requests | Apex Domain | Redirects | Subdomains (Cisco Umbrella Rank) | Transfer |
---|---|---|---|---|
25 | bundlecdn.com | | v1.bundlecdn.com (247936) | 645 KB |
10 | doubleclick.net | 2 redirects | 12572451.fls.doubleclick.net (330391), stats.g.doubleclick.net (136), td.doubleclick.net (192), 12688802.fls.doubleclick.net (332055), ad.doubleclick.net (150), googleads.g.doubleclick.net (42) | 4 KB |
8 | 1weeya.top | 1 redirects | 1weeya.top | 235 KB |
6 | googletagmanager.com | | www.googletagmanager.com (39) | 481 KB |
4 | amplitude.com | | api.lab.amplitude.com (4207), api2.amplitude.com (1159) | 1022 B |
2 | google.ca | | www.google.ca (12143) | 127 B |
2 | google.com | | analytics.google.com (147), www.google.com (3) | 64 B |
2 | hotjar.com | | static.hotjar.com (877), script.hotjar.com (1177) | 61 KB |
66 | 8 |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
25 | v1.bundlecdn.com | | 1weeya.top, v1.bundlecdn.com |
8 | 1weeya.top | 1 redirects | 1weeya.top, v1.bundlecdn.com |
6 | www.googletagmanager.com | | 1weeya.top, www.googletagmanager.com |
3 | td.doubleclick.net | | www.googletagmanager.com |
2 | api2.amplitude.com | | v1.bundlecdn.com |
2 | 12688802.fls.doubleclick.net | 1 redirects | www.googletagmanager.com |
2 | www.google.ca | | |
2 | 12572451.fls.doubleclick.net | 1 redirects | www.googletagmanager.com |
2 | api.lab.amplitude.com | | v1.bundlecdn.com |
1 | www.google.com | | |
1 | googleads.g.doubleclick.net | | www.googletagmanager.com |
1 | ad.doubleclick.net | | |
1 | stats.g.doubleclick.net | | www.googletagmanager.com |
1 | analytics.google.com | | www.googletagmanager.com |
1 | script.hotjar.com | | static.hotjar.com |
1 | static.hotjar.com | | 1weeya.top |
66 | 16 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
1weeya.top | WE1 | 2024-08-30 - 2024-11-28 | 3 months |
v1.bundlecdn.com | WE1 | 2024-09-22 - 2024-12-21 | 3 months |
*.lab.amplitude.com | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-10-01 - 2025-11-02 | a year |
*.google-analytics.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.doubleclick.net | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year |
*.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.g.doubleclick.net | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.google.ca | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2024-01-31 - 2025-03-02 | a year |
This page contains 8 frames:
Primary Page:
https://1weeya.top/casino/play/1play_1play_speed-n-cash
Frame ID: E105481CFA67AFE6DC26287FA3745B93
Requests: 56 HTTP requests in this frame
Frame:
https://1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Frame ID: 6E1968E02504D1E2C8DBB6537AA2DA87
Requests: 2 HTTP requests in this frame
Frame:
https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445
Frame ID: DC20CB5A4E0812FBFFA91725039D0E48
Requests: 1 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F1weeya.top
Frame ID: 515265186191DB5F69A820A6AEC5C17C
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=625877177.1729630976&gtm=45je4ah0v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847~101836706&z=1534328221
Frame ID: CDBB613D22619A11ADCC6383DD0494A1
Requests: 1 HTTP requests in this frame
Frame:
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash
Frame ID: D76793B7CE95E2B63C5760319232A14B
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash
Frame ID: 12FD0045BC7126186F1C096CB8A706E4
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/rul/16482547739?random=1729630975978&cv=11&fst=1729630975978&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=1508349530.1729630976&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3B168FA72E4E08DBDA0FB26EB8B2B7B1
Requests: 1 HTTP requests in this frame
Page Title: 1win
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://1weeya.top/casino/play/1play_1play_speed-n-cash
HTTP 307
https://1weeya.top/casino/play/1play_1play_speed-n-cash Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://1weeya.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
- https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445 HTTP 302
- https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445
- https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash HTTP 302
- https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash
66 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | 1play_1play_speed-n-cash | 1weeya.top/casino/play/ | 62 KB | 25 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | SFNSDisplay-latin.50a4eaff3.woff2 | v1.bundlecdn.com/font/ | 32 KB | 33 KB | Font | application/octet-stream | |
GET | H2 | SFNSText-latin.f09aa5229.woff2 | v1.bundlecdn.com/font/ | 42 KB | 43 KB | Font | application/octet-stream | |
GET | H2 | minified.js | 1weeya.top/core-js/3.33.3/ | 238 KB | 89 KB | Script | application/javascript | |
GET | H2 | chunk-vendors.b5eb4d992.js | v1.bundlecdn.com/js/ | 247 KB | 83 KB | Script | application/javascript | |
GET | H2 | chunk-common.1fbe0bd28.js | v1.bundlecdn.com/js/ | 404 KB | 122 KB | Script | application/javascript | |
GET | H2 | index.56332e4b0.js | v1.bundlecdn.com/js/ | 383 KB | 125 KB | Script | application/javascript | |
GET | H2 | index.aedf85995.css | v1.bundlecdn.com/css/ | 6 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | 1win-normal.svg | 1weeya.top/img/logo/main/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | desktop.eea70e10b.js | v1.bundlecdn.com/js/ | 117 KB | 32 KB | Script | application/javascript | |
GET | H2 | desktop.bba417011.css | v1.bundlecdn.com/css/ | 64 KB | 12 KB | Stylesheet | text/css | |
POST | H3 | affiliate:link_visit | 1weeya.top/ | 37 B | 977 B | Ping | application/json | |
GET | DATA | truncated | / | 44 B | 0 | Image | image/webp | |
GET | H2 | 18860.1f1e193d8.js | v1.bundlecdn.com/js/ | 28 KB | 10 KB | Script | application/javascript | |
GET | H2 | 60215.50ddff497.js | v1.bundlecdn.com/js/ | 79 KB | 19 KB | Script | application/javascript | |
GET | H2 | 67125.c76b24a97.css | v1.bundlecdn.com/css/ | 53 KB | 10 KB | Stylesheet | text/css | |
GET | H2 | 67125.8c08cf8e5.js | v1.bundlecdn.com/js/ | 372 KB | 113 KB | Script | application/javascript | |
GET | H2 | 84167.f2eedb19c.js | v1.bundlecdn.com/js/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H3 | main.js | 1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/ | 8 KB | 4 KB | Script | application/javascript | Frame 6E19, Redirect Chain |
POST | H3 | 8d6c6e46cbe9a226 | 1weeya.top/cdn-cgi/challenge-platform/h/g/jsd/r/ | 0 | 862 B | XHR | text/plain | Frame 6E19 |
GET | H3 | en | 1weeya.top/fss/translations/ | 381 KB | 115 KB | XHR | application/json | |
GET | | allv4 | 1weeya.top/common/banners/ | 0 | 0 | | | |
GET | H3 | favicon-32x32.png | 1weeya.top/img/icons/ | 386 B | 0 | Other | image/webp | |
OPTIONS | H2 | vardata | api.lab.amplitude.com/sdk/v2/ | 0 | 0 | Preflight | | Frame |
GET | H3 | firebase-app.js | 1weeya.top/firebase/8.1.1/ | 19 KB | 0 | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 382 KB | 114 KB | Script | application/javascript | |
GET | H2 | vardata | api.lab.amplitude.com/sdk/v2/ | 2 KB | 804 B | Fetch | application/json | |
GET | H3 | title | 1weeya.top/common/ | 29 B | 0 | XHR | application/json | |
GET | H2 | 6079.4b46336fa.css | v1.bundlecdn.com/css/ | 517 B | 433 B | Stylesheet | text/css | |
GET | H2 | 6079.d3be0a1f5.js | v1.bundlecdn.com/js/ | 1 KB | 715 B | Script | application/javascript | |
GET | H2 | 7329.77a768f52.css | v1.bundlecdn.com/css/ | 2 KB | 799 B | Stylesheet | text/css | |
GET | H2 | 7329.0f43983ba.js | v1.bundlecdn.com/js/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | 7001.542f3ca69.js | v1.bundlecdn.com/js/ | 30 KB | 8 KB | Script | application/javascript | |
GET | H2 | 60385.2c6c716c1.js | v1.bundlecdn.com/js/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | 81760.54a82743e.css | v1.bundlecdn.com/css/ | 24 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | 81760.c2e1f176f.js | v1.bundlecdn.com/js/ | 10 KB | 4 KB | Script | application/javascript | |
GET | H3 | firebase-messaging.js | 1weeya.top/firebase/8.1.1/ | 40 KB | 0 | Script | application/javascript | |
GET | H2 | 1279.2ddf52e8a.js | v1.bundlecdn.com/js/ | 911 B | 755 B | Script | application/javascript | |
GET | H2 | 1win-normal.d39105a87.svg | v1.bundlecdn.com/img/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | ca.svg | v1.bundlecdn.com/img/flags/ | 458 B | 368 B | Image | image/svg+xml | |
GET | H2 | bear.7b736fe37-290.webp | v1.bundlecdn.com/img/ | 15 KB | 15 KB | Image | image/webp | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 277 KB | 96 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 277 KB | 96 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 275 KB | 95 KB | Script | application/javascript | |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 223 KB | 80 KB | Script | application/javascript | |
GET | H2 | activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... | 12572451.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame DC20, Redirect Chain |
GET | H2 | hotjar-2606090.js | static.hotjar.com/c/ | 13 KB | 5 KB | Script | application/javascript | |
GET | H2 | sw_iframe.html | www.googletagmanager.com/static/service_worker/4al0/ | 0 | 0 | Document | text/html | Frame 5152 |
POST | H3 | pv | 1weeya.top/analytics/ | 0 | 0 | Ping | text/plain | |
POST | H3 | events | 1weeya.top/analytics/ | 0 | 0 | Ping | text/plain | |
GET | H2 | modules.02161fb4f8ebb73fb3f8.js | script.hotjar.com/ | 225 KB | 56 KB | Script | application/javascript | |
POST | H2 | collect | analytics.google.com/g/ | 0 | 0 | Fetch | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 541 B | Ping | text/plain | |
GET | H2 | rul | td.doubleclick.net/td/ga/ | 0 | 0 | Document | text/html | Frame CDBB |
GET | H3 | ga-audiences | www.google.ca/ads/ | 42 B | 63 B | Image | image/gif | |
GET | H3 | activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap... | 12688802.fls.doubleclick.net/ | 0 | 0 | Document | text/html | Frame D767, Redirect Chain |
GET | H2 | activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=... | td.doubleclick.net/td/fls/rul/ | 0 | 0 | Document | text/html | Frame 12FD |
GET | H3 | activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd... | ad.doubleclick.net/ | 0 | 24 B | Image | image/png | |
GET | H3 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/ | 5 KB | 2 KB | Script | text/javascript | |
GET | H2 | 16482547739 | td.doubleclick.net/td/rul/ | 0 | 0 | Document | text/html | Frame 3B16 |
GET | H3 | / | www.google.com/pagead/1p-user-list/16482547739/ | 42 B | 64 B | Image | image/gif | |
GET | H3 | / | www.google.ca/pagead/1p-user-list/16482547739/ | 42 B | 64 B | Image | image/gif | |
POST | H2 | httpapi | api2.amplitude.com/2/ | 94 B | 218 B | Fetch | application/json | |
OPTIONS | H2 | httpapi | api2.amplitude.com/2/ | 0 | 0 | Preflight | | Frame |
GET | | allv4 | v1.bundlecdn.com/common/banners/ | 0 | 0 | | | |
OPTIONS | | allv4 | v1.bundlecdn.com/common/banners/ | 0 | 0 | | | Frame |
POST | H3 | events | 1weeya.top/analytics/ | 0 | 0 | Ping | text/plain | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
1weeya.top | https://1weeya.top/common/banners/allv4?localeId=61&lang=en&tzOffset=-420 |
v1.bundlecdn.com | https://v1.bundlecdn.com/common/banners/allv4?localeId=61&lang=en&tzOffset=-420 |
v1.bundlecdn.com | https://v1.bundlecdn.com/common/banners/allv4?localeId=61&lang=en&tzOffset=-420 |
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| INITIAL_DATA object| _chunksDictionary function| clearImmediate function| setImmediate string| appTitle function| deepFreeze object| LangEnum object| lang function| initSmartico string| releaseTag string| buildName string| gtmKey object| supportChatConfig object| webim object| webimHandlers function| initOrGetInstanceOfSupportChat function| openTgSupportChannel function| loadScript object| webpackChunk_1win_frontend_main object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| dataLayer object| __vueuse_ssr_handlers__ function| IMask object| buildConfig boolean| __VUE__ object| amplitude object| analyticsConnectorInstances object| socket object| firebase object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| gaGlobal object| GooglebQhCsO
16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
1weeya.top/ | Name: visit_domain Value: 1weeya.top |
|
.1weeya.top/ | Name: cf_clearance Value: QVsWBi.juu4.3MlO0XhxJ5mVIO3A90lmYqDxnfSdoPE-1729630974-1.2.1.1-4f63RZ485mNTVoYQQbF6bfNAVs.lP6mY3ShncFkc0XKV24LM7tcRm3unrVe6doAGzc2tZvXcUrRgTm7647OkuUYCNfZ_bsNyqhOhf41CUkvoOZLwDn8AJl.2c5r9bCnn7KNhWiUgLr5NSi8kdGQ3CNRnyodZiMhMWJ3iLAVel6Iqjx4Z_YU1.QLCaN9eIhR0zmoVkK8uJ45LQNwi_zgArMkx2FFvACq18Ivdve6UmZV6tyi6pg_7kW.Z5vsFMsTRYXOVDcREAonwI4bAlyrrTAGUMJTvjS6WaVBA_N.Q6nrDx_jhk5HVh3P4gQDOOoe_dfiiR4Zx5QBsU5ixWUU5gjoSB35e5bTupisy7o9xTZAocZHElkm9S0xAADZuImfX |
|
1weeya.top/ | Name: 1w_lang Value: en |
|
1weeya.top/ | Name: 1w_locale Value: 61 |
|
.1weeya.top/ | Name: __cf_bm Value: xp1D511oMGhy0dR9cocPAz2ICJi0beefBtlH_e3bVhg-1729630974-1.0.1.1-ZA.UJIWo9Juc7RQsRwbw3ktwR_jactv6jFpoPPPxjzdsg_lfL7K0NXaHwPQ3sim3B_6NmK8lKl1i6P7EdvOwlA |
|
.1weeya.top/ | Name: _cfuvid Value: 8JHwRgkhxKP_YDRME0AMOtsumMnQk53V4KtRd7c3mO0-1729630975458-0.0.1.1-604800000 |
|
.1weeya.top/ | Name: _gcl_au Value: 1.1.1508349530.1729630976 |
|
.1weeya.top/ | Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwNDQ1OGYzMy1mOGIxLTRkYTktYTg3MC0wYTk5NjQzOWFhNWIlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI5NjMwOTc0NzYxJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyOTYzMDk3NTcwMSUyQyUyMmxhc3RFdmVudElkJTIyJTNBNiUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA== |
|
.1weeya.top/ | Name: _ga Value: GA1.1.625877177.1729630976 |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
.doubleclick.net/ | Name: ar_debug Value: 1 |
|
.1weeya.top/ | Name: _hjSessionUser_2606090 Value: eyJpZCI6ImY1NjNhNzI0LTM1OTAtNTgwNy1hZDJkLWM3YmRmZTk1YjVmNCIsImNyZWF0ZWQiOjE3Mjk2MzA5NzYwNzcsImV4aXN0aW5nIjpmYWxzZX0= |
|
.1weeya.top/ | Name: _hjSession_2606090 Value: eyJpZCI6Ijk3OGE5ZTNlLThhZWYtNDc0Yi1iYzM2LTQ5NWY1MTBiMjM3MyIsImMiOjE3Mjk2MzA5NzYwNzgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0= |
|
1weeya.top/ | Name: _hjHasCachedUserAttributes Value: true |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUkCrG6Tk_UAYfkmksOSAnXWDnOX-3ccvu_E-nYQvva9jsRKkiNi40E_rZak |
|
.1weeya.top/ | Name: _ga_548949LWLW Value: deleted |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.