Submitted URL: http://sventia.com/
Effective URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Submission: On August 15 via api from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 26 HTTP transactions. The main IP is 185.59.220.28, located in Frankfurt, Germany and belongs to CDN77, GB. The main domain is partner.quasargaming.com.
This is the only time partner.quasargaming.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 89.163.237.209 24961 (MYLOC-AS)
1 1 172.104.145.13 63949 (LINODE-AP...)
1 1 146.177.40.248 15395 (RACKSPACE...)
18 185.59.220.28 60068 (CDN77)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 195.181.174.6 60068 (CDN77)
2 2a03:2880:f02... 32934 (FACEBOOK)
26 7
Domain Requested by
19 partner.quasargaming.com partner.quasargaming.com
2 fonts.gstatic.com partner.quasargaming.com
1 staticxx.facebook.com connect.facebook.net
1 connect.facebook.net partner.quasargaming.com
1 de.quasargaming.com partner.quasargaming.com
1 ajax.googleapis.com partner.quasargaming.com
1 fonts.googleapis.com partner.quasargaming.com
1 ads.quasaraffiliates.com 1 redirects
1 sventia.com 1 redirects
26 9
Subject | Issuer | Validity | Valid
*.googleapis.com | Google Internet Authority G3 | 2018-08-07 - 2018-10-16 | 2 months
*.quasargaming.com | Gandi Standard SSL CA 2 | 2017-05-18 - 2019-09-13 | 2 years
*.google.com | Google Internet Authority G3 | 2018-08-07 - 2018-10-16 | 2 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year

This page contains 3 frames:

Primary Page: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Frame ID: 7A99600229AB1D6DE4D323780B85F1D6
Requests: 24 HTTP requests in this frame

Frame: https://de.quasargaming.com/default/games/play?game=105027&mode=free&winGameMode=iframe&ext1=true&createAccount=1
Frame ID: 937E2C24173A2AA9356F15DB6BEF696E
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Frame ID: FC61C1C917C8800DC180C34637F5D196
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

26 Requests
27 % HTTPS
50 % IPv6
7 Domains
9 Subdomains
7 IPs
4 Countries
587 kB Transfer
1292 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sventia.com/ HTTP 302
    http://172.104.145.13:18001/in/new/ HTTP 302
    https://ads.quasaraffiliates.com/redirect.aspx?pid=359999&bid=3693 HTTP 301
    http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
partner.quasargaming.com/temp-LPs/create-account5-temp/de/
Redirect Chain
  • http://sventia.com/
  • http://172.104.145.13:18001/in/new/
  • https://ads.quasaraffiliates.com/redirect.aspx?pid=359999&bid=3693
  • http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
17 KB
4 KB
Document
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
6f7f64d99b792a4a8e5cfdf93a6bf4c6a88dd4ff237fdbb40d36ed66d6cb4951

Request headers

Host
partner.quasargaming.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
7A99600229AB1D6DE4D323780B85F1D6

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Jul 2018 12:41:46 GMT
ETag
W/"5b60590a-4522"
Access-Control-Allow-Origin
*
Server
CDN77-Turbo
X-Edge-IP
185.59.220.20
X-Edge-Location
frankfurtDE
X-Cache
HIT
X-Age
651677
Content-Encoding
gzip

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Location
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Server
Microsoft-IIS/10.0
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a359999%2c%22BID%22%3a3693%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1534299774989)%5c%2f%22%2c%22CookieTag%22%3a%22369335999945254152841C2018815322%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%221276328513%7c1%22%7d%5d; expires=Fri, 15-Aug-3017 02:22:54 GMT; path=/
Request-Context
appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By
ASP.NET
Date
Wed, 15 Aug 2018 02:22:54 GMT
Connection
close
Content-Length
0
css
fonts.googleapis.com/
5 KB
668 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,400italic,700,900&subset=latin,latin-ext
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
8d95b706875ba0311b2cbb8d10fee82be7ea6e47bc6cec8f5998c2c93f011aeb
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
gzip
last-modified
Wed, 15 Aug 2018 02:22:55 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 15 Aug 2018 02:22:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 15 Aug 2018 02:22:55 GMT
helvetica.css
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/
754 B
635 B
Stylesheet
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/helvetica.css
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c75b3fab18e15292731db5967fd4922582be5122dc9d472bdb60b89c55d8adc6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Oct 2016 12:56:09 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"58076d69-2f2"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
icomoon.css
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/
327 B
543 B
Stylesheet
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/icomoon.css
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ff9abeec42e04577793f212c99c09c618aed2713c0d382a83fd5927028c86ab5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Oct 2016 12:56:13 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"58076d6d-147"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
font-awesome.min.css
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/css/
28 KB
7 KB
Stylesheet
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/css/font-awesome.min.css
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Oct 2016 13:44:53 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"580778d5-7187"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
global_version_1476859813.css
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/
428 KB
62 KB
Stylesheet
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/global_version_1476859813.css
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4588c6ffc1554b420aec1263a8092ee0dd5610a3cbf7ba910d1cc7db2d5d568e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Oct 2016 08:58:08 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5809d8a0-6b1a2"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
main.css
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/
24 KB
6 KB
Stylesheet
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/main.css
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d28bf3e7afa7fa9716ca9d383f3562d183a2d36e944f8ab8c3c970efddbd9fd7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Oct 2016 08:38:29 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5809d405-5e47"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 Aug 2018 01:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
694524
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
33495
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2019 01:27:31 GMT
jquery.cookie.js
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/
3 KB
2 KB
Script
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/jquery.cookie.js
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2016 12:22:30 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"580f4e86-c44"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
jquery.main.js
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/
18 KB
5 KB
Script
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/jquery.main.js
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
150b7414ef06a6c3001a6b0d7526907b2e1f587a896932d6b7d8187ac8362fb2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 10:45:10 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"58cfb2b6-46fb"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
providers.png
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
42 KB
43 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/providers.png
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e69e1b7496eb2ca1be1f90dc1409cf4721fd7533580a0742502c8d969258aa3f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Tue, 30 May 2017 14:48:28 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"592d863c-a966"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651677
Content-Length
43366
mga.png
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
3 KB
4 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/mga.png
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7f8be0c4193f654dcb5f492f5688d3c4fad25215e1eb38d56087b6c48f242b99

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 12:59:33 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"58076e35-cee"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651677
Content-Length
3310
18-icon.png
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
2 KB
3 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/18-icon.png
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
07d98f2a53839c1bfa4905adeac75d61e33a7aaf98875d50103e6a72a06a3c25

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 12:59:40 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"58076e3c-89e"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651676
Content-Length
2206
gamcare-trans.png
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
2 KB
3 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/gamcare-trans.png
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5747df19653405365b0dfc9f1de932e2e4d77e922fdb316519a0340b07dc9d53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 12:59:51 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"58076e47-99c"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651676
Content-Length
2460
gambling-therapy-trans.png
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
2 KB
2 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/gambling-therapy-trans.png
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
90d49066716edb0874f36fc8f64021d19005da2958bcc46695f6970e386674b4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 13:00:01 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"58076e51-84c"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651676
Content-Length
2124
jquery-1.11.2.min.js
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/
94 KB
33 KB
Script
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/jquery-1.11.2.min.js
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
100a135d8e7d5ebf1fe83b0b16da1d8d8b2321acdc4d5c24a1f9a7df53b23cf1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Oct 2016 08:19:14 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5809cf82-176bd"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651677
play
de.quasargaming.com/default/games/ Frame 937E
0
0
Document
General
Full URL
https://de.quasargaming.com/default/games/play?game=105027&mode=free&winGameMode=iframe&ext1=true&createAccount=1
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:c103 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.1.20
Resource Hash

Request headers

:method
GET
:authority
de.quasargaming.com
:scheme
https
:path
/default/games/play?game=105027&mode=free&winGameMode=iframe&ext1=true&createAccount=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
7A99600229AB1D6DE4D323780B85F1D6
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999

Response headers

status
200
date
Wed, 15 Aug 2018 02:22:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4b9cb8fcca85b74067ca0554eaed5c781534299775; expires=Thu, 15-Aug-19 02:22:55 GMT; path=/; domain=.quasargaming.com; HttpOnly PHPSESSID=1f9fdcf3912f849036f7f9e6e05b17c5; path=/; domain=.quasargaming.com; HttpOnly language=de; expires=Wed, 29-Aug-2018 02:22:55 GMT; Max-Age=1209600; path=/; domain=.quasargaming.com; HttpOnly
x-powered-by
PHP/7.1.20
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
User-Agent,Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
44a8323a9cab2708-FRA
content-encoding
gzip
book-of-ra.jpg
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
168 KB
168 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/book-of-ra.jpg
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fb0cc50fdb20ddd10cbe85b2492204b8e3314f365b8ff4a1641fe7eade92ffd0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/global_version_1476859813.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/global_version_1476859813.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 13:26:45 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"58077495-29ffd"
X-Cache
HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651676
Content-Length
172029
logo.png
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/
5 KB
5 KB
Image
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/images/logo.png
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a95a3f66bd8bfba7354f61d6c1bd386f044ae3598b90da82b250d1be4fd795c8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/global_version_1476859813.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/global_version_1476859813.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 13:22:59 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"580773b3-1441"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651676
Content-Length
5185
helvetica-webfont.woff
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/
39 KB
39 KB
Font
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/helvetica-webfont.woff
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e23ee2031c310600142f8a64931aac7d33af0a2af74633751a334e807b665be8

Request headers

Pragma
no-cache
Origin
http://partner.quasargaming.com
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/helvetica.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/helvetica.css
Origin
http://partner.quasargaming.com

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Fri, 21 Oct 2016 08:27:56 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"5809d18c-9a18"
X-Cache
HIT
Content-Type
font/woff
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
651676
Content-Length
39448
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,300,400,400italic,700,900&subset=latin,latin-ext
Origin
http://partner.quasargaming.com

Response headers

date
Mon, 30 Jul 2018 07:08:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
1365266
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Tue, 30 Jul 2019 07:08:29 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,300,400,400italic,700,900&subset=latin,latin-ext
Origin
http://partner.quasargaming.com

Response headers

date
Mon, 06 Aug 2018 10:35:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
748054
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Tue, 06 Aug 2019 10:35:21 GMT
icomoon.ttf
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/
2 KB
2 KB
Font
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/icomoon.ttf?atn9k3
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f432c5563913861f08da09f38cbbcae7f071bf49d643087dcc50a8e99a414d6a

Request headers

Pragma
no-cache
Origin
http://partner.quasargaming.com
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/main.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/css/main.css
Origin
http://partner.quasargaming.com

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 09:20:06 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"573ed6c6-94c"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
font/ttf
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
651676
fontawesome-webfont.woff2
partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/fonts/
70 KB
71 KB
Font
General
Full URL
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
Protocol
HTTP/1.1
Server
195.181.174.6 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma
no-cache
Origin
http://partner.quasargaming.com
Accept-Encoding
gzip, deflate
Host
partner.quasargaming.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/css/font-awesome.min.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/fonts/css/font-awesome.min.css
Origin
http://partner.quasargaming.com

Response headers

Date
Wed, 15 Aug 2018 02:22:55 GMT
Last-Modified
Wed, 19 Oct 2016 13:44:53 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"580778d5-118d8"
X-Cache
HIT
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.174.1
Connection
keep-alive
Accept-Ranges
bytes
X-Age
120377
Content-Length
71896
sdk.js
connect.facebook.net/en_US/
217 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: partner.quasargaming.com
URL: http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/assets/js/jquery.main.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c8cc521b6e1920ac8dd305bcd17ae89ad8f0eb307fce40c22df768b03652b86e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
I2lwrrRT8kp1Zc70+C9B+Q==
status
200
content-length
67146
x-xss-protection
0
x-fb-debug
WKBKTTusnAWcgBlQbdYkPnw84EgDzfxdSKDAW7tZQ69l5S7H+mHYLacT+GzAXNOccGtyFFX6bidKIJXlLJGD2w==
x-fb-content-md5
63c27b514ecae0738345e17437073c98
x-frame-options
DENY
date
Wed, 15 Aug 2018 02:22:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"dac2261ba2014deeb705a829fb097738"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Wed, 15 Aug 2018 02:41:14 GMT
QX17B8fU-Vm.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame FC61
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
7A99600229AB1D6DE4D323780B85F1D6
Referer
http://partner.quasargaming.com/temp-LPs/create-account5-temp/de/index.html?btag=655468_13CA107435CA4E2D969D8F2E6637D138&pid=359999

Response headers

status
200
expires
Wed, 14 Aug 2019 19:43:27 GMT
cache-control
public,max-age=31536000,immutable
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
KS1mPR6yPE4tXvIcmLrOH1scDZi1xZWEbAXE4Md8OkJBGdbX8dmaKkECchyNYwexTlbt65BNK+FDtRRoWBAc/g==
content-length
13906
date
Wed, 15 Aug 2018 02:22:55 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
string facebookApiId
function $
function jQuery
string cid
string an
string b
string s
string to
string tag
string s1
string s2
string s3
string s4
string s5
string mbclick
function getParameterByName
function showLoading
function hideLoading
function processDlgSubmit
function initSteps
function initSameHeight
function fbAsyncInit
object FB

5 Cookies

Domain/Path Name / Value
.oryxgaming.com/ Name: __cfduid
Value: d3afbdba6b0a63cd2b7d6b4d9007ca6e11534299775
.quasargaming.com/ Name: language
Value: de
.quasargaming.com/ Name: PHPSESSID
Value: 1f9fdcf3912f849036f7f9e6e05b17c5
.quasargaming.com/ Name: __cfduid
Value: d4b9cb8fcca85b74067ca0554eaed5c781534299775
partner.quasargaming.com/ Name: btag
Value: 655468_13CA107435CA4E2D969D8F2E6637D138

Indicators

"Indicators" is a term used in the security industry for items such as IPs, domains, and hashes. Their appearance in this report does not imply that any of them indicates malicious activity.
