roobet.com
Open in
urlscan Pro
2606:4700:4400::6812:240d
Public Scan
Submitted URL: http://ulg1.net/
Effective URL: https://roobet.com/?affid=35630&cxd=35630_629473_wr9galetevee59u5j2ngprce|afp10:Trellian&utm_medium=[utm_medium]&ut...
Submission: On November 28 via api from US — Scanned from CA
Effective URL: https://roobet.com/?affid=35630&cxd=35630_629473_wr9galetevee59u5j2ngprce|afp10:Trellian&utm_medium=[utm_medium]&ut...
Submission: On November 28 via api from US — Scanned from CA
Summary
This website contacted 14 IPs
in 3 countries
across 15 domains to perform 31 HTTP transactions.
The main IP is 2606:4700:4400::6812:240d, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is roobet.com.
The Cisco Umbrella rank of the primary domain is 627821.
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.
This is the only time roobet.com was scanned on urlscan.io!
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.
This is the only time roobet.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 4 | 15.204.67.7 15.204.67.7 | 16276 (OVH OVH SAS) (OVH OVH SAS) | |
| 1 4 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 2 | 2600:9000:24f... 2600:9000:24f0:3600:1a:31ec:8a40:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 35.234.86.61 35.234.86.61 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 5 | 2606:4700:440... 2606:4700:4400::6812:240d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 13.226.34.70 13.226.34.70 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2606:4700::68... 2606:4700::6810:4f49 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2600:9000:251... 2600:9000:2510:7e00:b:ba05:1580:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 2607:f8b0:400... 2607:f8b0:4006:821::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:808::2004 | () () | |
| 1 | 108.139.33.128 108.139.33.128 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:824::200e | () () | |
| 1 | 2001:4860:480... 2001:4860:4802:36::181 | () () | |
| 1 | 2607:f8b0:400... 2607:f8b0:4004:c09::9b | () () | |
| 31 | 14 |
4
15.204.67.7
(Hillsboro, United States)
ASN16276 (OVH OVH SAS, FR)
PTR: vps-5fa594a1.vps.ovh.us
ASN16276 (OVH OVH SAS, FR)
PTR: vps-5fa594a1.vps.ovh.us
| ulg1.net |
4
103.224.182.206
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
| cibago.com |
1
35.234.86.61
(Frankfurt am Main, Germany)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.86.234.35.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.86.234.35.bc.googleusercontent.com
| go.roobetaffiliates.com |
1
13.226.34.70
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-70.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-70.ewr53.r.cloudfront.net
| static.paymentiq.io |
1
2600:9000:2510:7e00:b:ba05:1580:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com |
1
108.139.33.128
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net
| js.adsrvr.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
roobet.com
roobet.com — Cisco Umbrella Rank: 627821 |
92 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
341 KB |
| 4 |
cibago.com
1 redirects
cibago.com — Cisco Umbrella Rank: 350584 |
3 KB |
| 4 |
ulg1.net
2 redirects
ulg1.net |
17 KB |
| 2 |
google.com
www.google.com analytics.google.com |
|
| 2 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617 |
14 KB |
| 2 |
kstrk.com
1 redirects
trk.kstrk.com |
2 KB |
| 1 |
doubleclick.net
stats.g.doubleclick.net td.doubleclick.net Failed |
550 B |
| 1 |
google-analytics.com
www.google-analytics.com |
|
| 1 |
adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1531 |
6 KB |
| 1 |
certria.com
b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com |
2 KB |
| 1 |
paymentiq.io
static.paymentiq.io — Cisco Umbrella Rank: 412466 |
18 KB |
| 1 |
roobetaffiliates.com
1 redirects
go.roobetaffiliates.com |
682 B |
| 0 |
google.ca
Failed
www.google.ca Failed |
|
| 0 |
seondf.com
Failed
cdn.seondf.com Failed |
|
| 31 | 15 |
| Domain | Requested by | |
|---|---|---|
| 5 | roobet.com |
trk.kstrk.com
roobet.com |
| 4 | www.googletagmanager.com |
roobet.com
www.googletagmanager.com |
| 4 | cibago.com |
1 redirects
ulg1.net
cibago.com |
| 4 | ulg1.net |
2 redirects
ulg1.net
|
| 2 | static.cloudflareinsights.com |
roobet.com
|
| 2 | trk.kstrk.com |
1 redirects
cibago.com
|
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | analytics.google.com |
www.googletagmanager.com
|
| 1 | www.google-analytics.com |
www.googletagmanager.com
|
| 1 | js.adsrvr.org |
www.googletagmanager.com
|
| 1 | www.google.com |
www.googletagmanager.com
|
| 1 | b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com |
roobet.com
|
| 1 | static.paymentiq.io |
roobet.com
|
| 1 | go.roobetaffiliates.com | 1 redirects |
| 0 | www.google.ca Failed |
roobet.com
|
| 0 | td.doubleclick.net Failed |
www.googletagmanager.com
|
| 0 | cdn.seondf.com Failed |
roobet.com
|
| 31 | 17 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| paperonity.com R11 |
2024-10-06 - 2025-01-04 |
3 months | crt.sh |
| pruritus-ani.de R10 |
2024-09-29 - 2024-12-28 |
3 months | crt.sh |
| trk.kstrk.com Amazon RSA 2048 M03 |
2024-11-07 - 2025-12-06 |
a year | crt.sh |
| roobet.com WE1 |
2024-11-03 - 2025-02-01 |
3 months | crt.sh |
| *.paymentiq.io Amazon RSA 2048 M02 |
2024-11-12 - 2025-12-10 |
a year | crt.sh |
| cloudflareinsights.com WE1 |
2024-11-01 - 2025-01-30 |
3 months | crt.sh |
| *.seals-xcm.certria.com GlobalSign GCC R6 AlphaSSL CA 2023 |
2024-06-11 - 2025-07-13 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| *.google.com WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2024-04-23 - 2025-05-25 |
a year | crt.sh |
| *.g.doubleclick.net WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://roobet.com/?affid=35630&cxd=35630_629473_wr9galetevee59u5j2ngprce|afp10:Trellian&utm_medium=[utm_medium]&utm_campaign=Trellian&utm_content=[utm_content]
Frame ID: 4DAF13798E6DFA819F1574C10850DCEE
Requests: 29 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Froobet.com
Frame ID: 51CE3A4462F81C4B1F9359153169E0C2
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-00JS1BZ93P&gacid=1308836168.1732813969>m=45je4bk0v884072335z8830374633za200zb830374633&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=726611891
Frame ID: B7A7B5600EAA6641038DAB6BC495B049
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Roobet | Crypto's Fastest Growing CasinoPage URL History Show full URLs
-
http://ulg1.net/
HTTP 307
https://ulg1.net/ HTTP 307
http://ulg1.net/ HTTP 302
https://ulg1.net/ Page URL
-
http://ulg1.net/?fp=7fe7f2e16dd7f48c00a4ea8141734fea
HTTP 307
https://ulg1.net/?fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 302
http://cibago.com/xr.php?e=hFWdPXbs%2F3Mkvdy7v3cmXn49fktINzhiUzQxbmxCRU4vWTVUTEdmYk5QYUpEelhmM... HTTP 307
https://cibago.com/xr.php?e=hFWdPXbs%2F3Mkvdy7v3cmXn49fktINzhiUzQxbmxCRU4vWTVUTEdmYk5QYUpEelhmM... Page URL
-
https://cibago.com/r.php?u=https%3A%2F%2Ftrk.kstrk.com%2Ff461bb1e-4ad8-418d-a901-09f66e40750b%3...
HTTP 302
https://trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b?keyword=.ca.01.nonadult&subid=174505733... HTTP 307
https://trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b/2?keyword=.ca.01.nonadult&subid=1745057... Page URL
-
https://go.roobetaffiliates.com/visit/?bta=35630&brand=roobet&afp=wr9galetevee59u5j2ngprce&utm_campaign=Trel...
HTTP 302
https://roobet.com/?affid=35630&cxd=35630_629473_wr9galetevee59u5j2ngprce|afp10:Trellian&utm_me... Page URL
Detected technologies
Cloudflare Browser Insights
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ulg1.net/
HTTP 307
https://ulg1.net/ HTTP 307
http://ulg1.net/ HTTP 302
https://ulg1.net/ Page URL
-
http://ulg1.net/?fp=7fe7f2e16dd7f48c00a4ea8141734fea
HTTP 307
https://ulg1.net/?fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 302
http://cibago.com/xr.php?e=hFWdPXbs%2F3Mkvdy7v3cmXn49fktINzhiUzQxbmxCRU4vWTVUTEdmYk5QYUpEelhmMGFYbEdFemhFYnlTUUxCWFVuQmFId2E4NWwxc2RTUC9VQ2o4MVhZWGg0cWpDZ2JMd3dJYWZYMXZzTVg4M2kyMnpleGpnKzRqTXpqRXdCRVlKcVJZVkVlNDlLUWNDZTZGTU9XNzVJWUNNeXBZK2drZTUzMG1DWkJYSnZtWmVBczMvZE41bXluUkIrb0JsNzV4WlNqMmtzaERxazFUVTFzV0JkZlg5anVQK3NPYTd6bnBvUGtpSUxIc3hxQVRoeEsxNURCajdHcUNPZmVPOU83ZnpXcnFJRHREYXYxTXFJMGh4anpUbUNBVGIrTDhTYjNUNWlrVG81VWgxeng5cmorWFFXdW9XNVdtbmVMdWNlNXNXdlZGTVBUWTRMK25kVGwxcUtWTHVQb2JLdXU0dGxmMzRRYUFpNkd3Nm1xWU85dldkTVl3c2FUK2w0L2RLbHVwc08zQW9IN1ZtMHpSc3REWnRsL0ljd3dJTm95eWZRL3ZTd252dllVR3lnaVVqdDRUWGhPK1RVai9nYlBsV3ZHT3NNU2tqRmtzVTNmbWREWVpiWWYyR2d0NTVSQVNKbVlZYmFqbm1UZUpQcVNNalVWUzJySnBrQm02RDJUY2xrN0tvaFNJdUFvVmFueFVXVVNiL05JRmQyNmtLSDJYRVNIVW45UUUrdVozWklCZENkOUphNW9wK0lEUFM3N0tlR0MyODFOcU5Kai9ScGIwWVc0b0ZwQTgwbjJWNGpicDgzZzZ1N3BGdEV2Zkt6Wkx6U09odkdidU5Fa2xId3VrUFptZmh4RkNMN1hTaDZhR2NPZXhLY0RpQkZ6TUVaVHlUaUlaSTg5NFJWRFQyRURObVprVTgwdW5GMHdPS1JMdkVKMm03UFlxOW5JVXJWRXNqa0NraVJPRGh1M01JQUdFZ0tweThzTWdTR0R6QU5wN0VqOTRPU1pWRTQ4TWYrcW4waHdHazE4elN0bnhnOVJuWUVVcDcvUkwzSC9PdVE1TVRYZ1pmVzN5UlJXZFhpWFkxaHAwYjFxSFdJSmR3WUQxWnhpUHo3cFlpZ0VvMWlsdUhRUm0xamxQMkhEcWV6L0RBY2h5eEoyWU13QTVvaWNqS21sdnBLbHd4Vnh1T3pyTW53VyswWU9ycDFsQjBLRUp5ZldiT2IzMnFBeDNqa2p6SkhpS0hXZUdLZlErZUlMdStnSXF6cGhOR0twOFJGTjlxU09qWEdhRmNHcmFqSjlkaE1DUGhzOA%3D%3D HTTP 307
https://cibago.com/xr.php?e=hFWdPXbs%2F3Mkvdy7v3cmXn49fktINzhiUzQxbmxCRU4vWTVUTEdmYk5QYUpEelhmMGFYbEdFemhFYnlTUUxCWFVuQmFId2E4NWwxc2RTUC9VQ2o4MVhZWGg0cWpDZ2JMd3dJYWZYMXZzTVg4M2kyMnpleGpnKzRqTXpqRXdCRVlKcVJZVkVlNDlLUWNDZTZGTU9XNzVJWUNNeXBZK2drZTUzMG1DWkJYSnZtWmVBczMvZE41bXluUkIrb0JsNzV4WlNqMmtzaERxazFUVTFzV0JkZlg5anVQK3NPYTd6bnBvUGtpSUxIc3hxQVRoeEsxNURCajdHcUNPZmVPOU83ZnpXcnFJRHREYXYxTXFJMGh4anpUbUNBVGIrTDhTYjNUNWlrVG81VWgxeng5cmorWFFXdW9XNVdtbmVMdWNlNXNXdlZGTVBUWTRMK25kVGwxcUtWTHVQb2JLdXU0dGxmMzRRYUFpNkd3Nm1xWU85dldkTVl3c2FUK2w0L2RLbHVwc08zQW9IN1ZtMHpSc3REWnRsL0ljd3dJTm95eWZRL3ZTd252dllVR3lnaVVqdDRUWGhPK1RVai9nYlBsV3ZHT3NNU2tqRmtzVTNmbWREWVpiWWYyR2d0NTVSQVNKbVlZYmFqbm1UZUpQcVNNalVWUzJySnBrQm02RDJUY2xrN0tvaFNJdUFvVmFueFVXVVNiL05JRmQyNmtLSDJYRVNIVW45UUUrdVozWklCZENkOUphNW9wK0lEUFM3N0tlR0MyODFOcU5Kai9ScGIwWVc0b0ZwQTgwbjJWNGpicDgzZzZ1N3BGdEV2Zkt6Wkx6U09odkdidU5Fa2xId3VrUFptZmh4RkNMN1hTaDZhR2NPZXhLY0RpQkZ6TUVaVHlUaUlaSTg5NFJWRFQyRURObVprVTgwdW5GMHdPS1JMdkVKMm03UFlxOW5JVXJWRXNqa0NraVJPRGh1M01JQUdFZ0tweThzTWdTR0R6QU5wN0VqOTRPU1pWRTQ4TWYrcW4waHdHazE4elN0bnhnOVJuWUVVcDcvUkwzSC9PdVE1TVRYZ1pmVzN5UlJXZFhpWFkxaHAwYjFxSFdJSmR3WUQxWnhpUHo3cFlpZ0VvMWlsdUhRUm0xamxQMkhEcWV6L0RBY2h5eEoyWU13QTVvaWNqS21sdnBLbHd4Vnh1T3pyTW53VyswWU9ycDFsQjBLRUp5ZldiT2IzMnFBeDNqa2p6SkhpS0hXZUdLZlErZUlMdStnSXF6cGhOR0twOFJGTjlxU09qWEdhRmNHcmFqSjlkaE1DUGhzOA%3D%3D Page URL
-
https://cibago.com/r.php?u=https%3A%2F%2Ftrk.kstrk.com%2Ff461bb1e-4ad8-418d-a901-09f66e40750b%3Fkeyword%3D.ca.01.nonadult%26subid%3D1745057337%26cpv%3D0.010&s=j&enc=N9c6ku%2Bx2XJ%2ByjI5RpSa6349fkJXdG1yMlZsZUxTbXhodC9WS0FSL2VRKzlEbzViVmk3Y2Y5YjhjQ1JpRlVWYXRkaGRhTjJWdDMzWUdGSitoU1JJdFVnMXJKNGd3U3FDM1dveVY3Sm9zbXZWL25acmViOFhjeGpydnFKRU5QMFQ4bnJQV0RsMTFibHlHQi9mK1QyWUxrblIyQitPOXdBZVZDdFd3L0Y0WDB2NU1rR2d6Sy9FYnQ0UEdnTWVhUWppbXYyTjA1NmxiZ3pPMXNRYlhPaFE0RitJZktJUkswUGNoM2s2Y0VJSnZiM09Lb0VKeTdGQ2FUYlNFTFB1THM4TW5JZkF6Wi9SODdGUjFmMGdQemNWbjVsS2cvRkphUVV6Wmc1NEhTNUxwSzk0UWdNc2dhV2hYdUFZQWhGbHpaUU9HVDJEa1FaaW1JSlhkL3RYV1VtekNRdGtBVVpaYTl3a0xVU1pMY3oxZGJoM3U1cFhGTndOaEZHVWVqSzg5WDlJUWE4QVZqVUp0c3pHeHl2a0pVT1BydWRGdmZjRCtCc3ZNV3d6L3BOOFNTUGFmdWNYRXZHbHdhNTFYWVdicHNKNUtjK0hHOTdlVitSdm45YkptSUZTMUpOU3BmVVd6Z2JXdkdwdDFXVHVGdUpNNk5LTWVLRGdQbmYzSmZvaTFsZ3FjL3oybmxTeXVQZnFlQkZvYjNUWm9GRTdFYzRiM0srTzkvZFJxM2UxODZyNnRoOHNPYnhUWkNkb3poSTN3MHoxeHVYUjZVYS90dGt5a2dhampyUk1rN0tOb2lIMG9tSFVHc3JZZ09mRm83WmRFWmZ6ck5Fb09HcDlKZjd5OUUvT0dxUlhyQ0hZYklxTUoyOE5Ua2NMUXJ3MmM4QXRMWlAwWHptNjEyMGFHamI1SDJwUjhkZUd2NUdpTVZQeTdWWjh5QkhVcXBtOXFGSy94eXNPeDdCS2h0QmxQTzBZRlJmUEIxejhVQWttc3VQcjlsS05Xd29VRWVLa1pVRWsxLy8zcDdEYXYvbmZHS0ZOMkxzcFI2Wm1xdnlZYWladVN3dHkrUzJRR3B6K1dIYjBOZlZNaDhxZ0VhMDFtZFRTSVU2TmdtRVA5OUo4alhGTzR1ZWhCdDE5akoxYUI5SnBTS1kxV0VsTWxiK2VRT2tMS2IxU04yUUM0Rk5vOTdLc3ZWT3JiTUNxN01lRkEyNHIzNW1nTlhYTUw4OEswS3hqSzg2anhuNWY1c2NxZ0QxN3JGdVkxdVBmVDEwMGY2TjBIWVlzTU44NjUxbGxHRFlTaEFQRnFWNklLVWNwRC9oL2g5UDBPckV5c3g2VG8rT0hzOFRrNlkxbEkvRHZrdWNZaTg9&vs=1600:1200&ds=1600:1200&sl=1570:1170&os=f&nos=t&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=7fe7f2e16dd7f48c00a4ea8141734fea
HTTP 302
https://trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b?keyword=.ca.01.nonadult&subid=1745057337&cpv=0.010 HTTP 307
https://trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b/2?keyword=.ca.01.nonadult&subid=1745057337&cpv=0.010 Page URL
-
https://go.roobetaffiliates.com/visit/?bta=35630&brand=roobet&afp=wr9galetevee59u5j2ngprce&utm_campaign=Trellian
HTTP 302
https://roobet.com/?affid=35630&cxd=35630_629473_wr9galetevee59u5j2ngprce|afp10:Trellian&utm_medium=[utm_medium]&utm_campaign=Trellian&utm_content=[utm_content] Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ulg1.net/ HTTP 307
- https://ulg1.net/ HTTP 307
- http://ulg1.net/ HTTP 302
- https://ulg1.net/
- http://ulg1.net/?fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 307
- https://ulg1.net/?fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 302
- http://cibago.com/xr.php?e=hFWdPXbs%2F3Mkvdy7v3cmXn49fktINzhiUzQxbmxCRU4vWTVUTEdmYk5QYUpEelhmMGFYbEdFemhFYnlTUUxCWFVuQmFId2E4NWwxc2RTUC9VQ2o4MVhZWGg0cWpDZ2JMd3dJYWZYMXZzTVg4M2kyMnpleGpnKzRqTXpqRXdCRVlKcVJZVkVlNDlLUWNDZTZGTU9XNzVJWUNNeXBZK2drZTUzMG1DWkJYSnZtWmVBczMvZE41bXluUkIrb0JsNzV4WlNqMmtzaERxazFUVTFzV0JkZlg5anVQK3NPYTd6bnBvUGtpSUxIc3hxQVRoeEsxNURCajdHcUNPZmVPOU83ZnpXcnFJRHREYXYxTXFJMGh4anpUbUNBVGIrTDhTYjNUNWlrVG81VWgxeng5cmorWFFXdW9XNVdtbmVMdWNlNXNXdlZGTVBUWTRMK25kVGwxcUtWTHVQb2JLdXU0dGxmMzRRYUFpNkd3Nm1xWU85dldkTVl3c2FUK2w0L2RLbHVwc08zQW9IN1ZtMHpSc3REWnRsL0ljd3dJTm95eWZRL3ZTd252dllVR3lnaVVqdDRUWGhPK1RVai9nYlBsV3ZHT3NNU2tqRmtzVTNmbWREWVpiWWYyR2d0NTVSQVNKbVlZYmFqbm1UZUpQcVNNalVWUzJySnBrQm02RDJUY2xrN0tvaFNJdUFvVmFueFVXVVNiL05JRmQyNmtLSDJYRVNIVW45UUUrdVozWklCZENkOUphNW9wK0lEUFM3N0tlR0MyODFOcU5Kai9ScGIwWVc0b0ZwQTgwbjJWNGpicDgzZzZ1N3BGdEV2Zkt6Wkx6U09odkdidU5Fa2xId3VrUFptZmh4RkNMN1hTaDZhR2NPZXhLY0RpQkZ6TUVaVHlUaUlaSTg5NFJWRFQyRURObVprVTgwdW5GMHdPS1JMdkVKMm03UFlxOW5JVXJWRXNqa0NraVJPRGh1M01JQUdFZ0tweThzTWdTR0R6QU5wN0VqOTRPU1pWRTQ4TWYrcW4waHdHazE4elN0bnhnOVJuWUVVcDcvUkwzSC9PdVE1TVRYZ1pmVzN5UlJXZFhpWFkxaHAwYjFxSFdJSmR3WUQxWnhpUHo3cFlpZ0VvMWlsdUhRUm0xamxQMkhEcWV6L0RBY2h5eEoyWU13QTVvaWNqS21sdnBLbHd4Vnh1T3pyTW53VyswWU9ycDFsQjBLRUp5ZldiT2IzMnFBeDNqa2p6SkhpS0hXZUdLZlErZUlMdStnSXF6cGhOR0twOFJGTjlxU09qWEdhRmNHcmFqSjlkaE1DUGhzOA%3D%3D HTTP 307
- https://cibago.com/xr.php?e=hFWdPXbs%2F3Mkvdy7v3cmXn49fktINzhiUzQxbmxCRU4vWTVUTEdmYk5QYUpEelhmMGFYbEdFemhFYnlTUUxCWFVuQmFId2E4NWwxc2RTUC9VQ2o4MVhZWGg0cWpDZ2JMd3dJYWZYMXZzTVg4M2kyMnpleGpnKzRqTXpqRXdCRVlKcVJZVkVlNDlLUWNDZTZGTU9XNzVJWUNNeXBZK2drZTUzMG1DWkJYSnZtWmVBczMvZE41bXluUkIrb0JsNzV4WlNqMmtzaERxazFUVTFzV0JkZlg5anVQK3NPYTd6bnBvUGtpSUxIc3hxQVRoeEsxNURCajdHcUNPZmVPOU83ZnpXcnFJRHREYXYxTXFJMGh4anpUbUNBVGIrTDhTYjNUNWlrVG81VWgxeng5cmorWFFXdW9XNVdtbmVMdWNlNXNXdlZGTVBUWTRMK25kVGwxcUtWTHVQb2JLdXU0dGxmMzRRYUFpNkd3Nm1xWU85dldkTVl3c2FUK2w0L2RLbHVwc08zQW9IN1ZtMHpSc3REWnRsL0ljd3dJTm95eWZRL3ZTd252dllVR3lnaVVqdDRUWGhPK1RVai9nYlBsV3ZHT3NNU2tqRmtzVTNmbWREWVpiWWYyR2d0NTVSQVNKbVlZYmFqbm1UZUpQcVNNalVWUzJySnBrQm02RDJUY2xrN0tvaFNJdUFvVmFueFVXVVNiL05JRmQyNmtLSDJYRVNIVW45UUUrdVozWklCZENkOUphNW9wK0lEUFM3N0tlR0MyODFOcU5Kai9ScGIwWVc0b0ZwQTgwbjJWNGpicDgzZzZ1N3BGdEV2Zkt6Wkx6U09odkdidU5Fa2xId3VrUFptZmh4RkNMN1hTaDZhR2NPZXhLY0RpQkZ6TUVaVHlUaUlaSTg5NFJWRFQyRURObVprVTgwdW5GMHdPS1JMdkVKMm03UFlxOW5JVXJWRXNqa0NraVJPRGh1M01JQUdFZ0tweThzTWdTR0R6QU5wN0VqOTRPU1pWRTQ4TWYrcW4waHdHazE4elN0bnhnOVJuWUVVcDcvUkwzSC9PdVE1TVRYZ1pmVzN5UlJXZFhpWFkxaHAwYjFxSFdJSmR3WUQxWnhpUHo3cFlpZ0VvMWlsdUhRUm0xamxQMkhEcWV6L0RBY2h5eEoyWU13QTVvaWNqS21sdnBLbHd4Vnh1T3pyTW53VyswWU9ycDFsQjBLRUp5ZldiT2IzMnFBeDNqa2p6SkhpS0hXZUdLZlErZUlMdStnSXF6cGhOR0twOFJGTjlxU09qWEdhRmNHcmFqSjlkaE1DUGhzOA%3D%3D
- https://cibago.com/r.php?u=https%3A%2F%2Ftrk.kstrk.com%2Ff461bb1e-4ad8-418d-a901-09f66e40750b%3Fkeyword%3D.ca.01.nonadult%26subid%3D1745057337%26cpv%3D0.010&s=j&enc=N9c6ku%2Bx2XJ%2ByjI5RpSa6349fkJXdG1yMlZsZUxTbXhodC9WS0FSL2VRKzlEbzViVmk3Y2Y5YjhjQ1JpRlVWYXRkaGRhTjJWdDMzWUdGSitoU1JJdFVnMXJKNGd3U3FDM1dveVY3Sm9zbXZWL25acmViOFhjeGpydnFKRU5QMFQ4bnJQV0RsMTFibHlHQi9mK1QyWUxrblIyQitPOXdBZVZDdFd3L0Y0WDB2NU1rR2d6Sy9FYnQ0UEdnTWVhUWppbXYyTjA1NmxiZ3pPMXNRYlhPaFE0RitJZktJUkswUGNoM2s2Y0VJSnZiM09Lb0VKeTdGQ2FUYlNFTFB1THM4TW5JZkF6Wi9SODdGUjFmMGdQemNWbjVsS2cvRkphUVV6Wmc1NEhTNUxwSzk0UWdNc2dhV2hYdUFZQWhGbHpaUU9HVDJEa1FaaW1JSlhkL3RYV1VtekNRdGtBVVpaYTl3a0xVU1pMY3oxZGJoM3U1cFhGTndOaEZHVWVqSzg5WDlJUWE4QVZqVUp0c3pHeHl2a0pVT1BydWRGdmZjRCtCc3ZNV3d6L3BOOFNTUGFmdWNYRXZHbHdhNTFYWVdicHNKNUtjK0hHOTdlVitSdm45YkptSUZTMUpOU3BmVVd6Z2JXdkdwdDFXVHVGdUpNNk5LTWVLRGdQbmYzSmZvaTFsZ3FjL3oybmxTeXVQZnFlQkZvYjNUWm9GRTdFYzRiM0srTzkvZFJxM2UxODZyNnRoOHNPYnhUWkNkb3poSTN3MHoxeHVYUjZVYS90dGt5a2dhampyUk1rN0tOb2lIMG9tSFVHc3JZZ09mRm83WmRFWmZ6ck5Fb09HcDlKZjd5OUUvT0dxUlhyQ0hZYklxTUoyOE5Ua2NMUXJ3MmM4QXRMWlAwWHptNjEyMGFHamI1SDJwUjhkZUd2NUdpTVZQeTdWWjh5QkhVcXBtOXFGSy94eXNPeDdCS2h0QmxQTzBZRlJmUEIxejhVQWttc3VQcjlsS05Xd29VRWVLa1pVRWsxLy8zcDdEYXYvbmZHS0ZOMkxzcFI2Wm1xdnlZYWladVN3dHkrUzJRR3B6K1dIYjBOZlZNaDhxZ0VhMDFtZFRTSVU2TmdtRVA5OUo4alhGTzR1ZWhCdDE5akoxYUI5SnBTS1kxV0VsTWxiK2VRT2tMS2IxU04yUUM0Rk5vOTdLc3ZWT3JiTUNxN01lRkEyNHIzNW1nTlhYTUw4OEswS3hqSzg2anhuNWY1c2NxZ0QxN3JGdVkxdVBmVDEwMGY2TjBIWVlzTU44NjUxbGxHRFlTaEFQRnFWNklLVWNwRC9oL2g5UDBPckV5c3g2VG8rT0hzOFRrNlkxbEkvRHZrdWNZaTg9&vs=1600:1200&ds=1600:1200&sl=1570:1170&os=f&nos=t&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 302
- https://trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b?keyword=.ca.01.nonadult&subid=1745057337&cpv=0.010 HTTP 307
- https://trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b/2?keyword=.ca.01.nonadult&subid=1745057337&cpv=0.010
31 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
ulg1.net/ Redirect Chain
|
1017 B 765 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iife.min.js
ulg1.net/js/fingerprint/ |
33 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
xr.php
cibago.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
favicon.ico
ulg1.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscheck.php
cibago.com/ |
0 150 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.0 |
favicon.ico
cibago.com/ |
94 B 170 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2
trk.kstrk.com/f461bb1e-4ad8-418d-a901-09f66e40750b/ Redirect Chain
|
562 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Primary Request
/
roobet.com/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
agent.js
cdn.seondf.com/js/v5/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cashier.js
static.paymentiq.io/cashier/ |
50 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
product.01a0ba326228134a9ab6.css
roobet.com/ |
94 KB 71 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Roo.svg
roobet.com/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ecd93ce639d5340b84d5.b.js
roobet.com/ |
11 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
daa01424277f26401dc1.b.js
roobet.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
915f33c6f6158883c9d9.b.js
roobet.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
76e845b5c7036ae916e2.b.js
roobet.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
61a0fb0c4b2f38a61553.b.js
roobet.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
beacon.min.js
static.cloudflareinsights.com/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xcm-seal.js
b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
333 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google.com/ccm/ |
0 0 |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
404 KB 131 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
287 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 51CE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 550 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
rul
td.doubleclick.net/td/ga/ Frame B7A7 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ga-audiences
www.google.ca/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ulg1.net
- URL
- https://ulg1.net/favicon.ico
- Domain
- cdn.seondf.com
- URL
- https://cdn.seondf.com/js/v5/agent.js
- Domain
- roobet.com
- URL
- https://roobet.com/915f33c6f6158883c9d9.b.js
- Domain
- roobet.com
- URL
- https://roobet.com/76e845b5c7036ae916e2.b.js
- Domain
- roobet.com
- URL
- https://roobet.com/61a0fb0c4b2f38a61553.b.js
- Domain
- td.doubleclick.net
- URL
- https://td.doubleclick.net/td/ga/rul?tid=G-00JS1BZ93P&gacid=1308836168.1732813969>m=45je4bk0v884072335z8830374633za200zb830374633&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=726611891
- Domain
- www.google.ca
- URL
- https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-00JS1BZ93P&cid=1308836168.1732813969>m=45je4bk0v884072335z8830374633za200zb830374633&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1306625006
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| dataLayer object| webpackChunkroobet_fe object| google_tag_manager object| google_tag_data function| elementLoaded number| searchTimer object| regIntent function| _PaymentIQCashier function| _PaymentIQCashierReset object| beta object| gaGlobal function| onYouTubeIframeAPIReady function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| ulg1.net/ | Name: __tad Value: 1732813962.5782094 |
|
| .cibago.com/ | Name: __dsnsid Value: 20241129041244e99d56b195be912ec7 |
|
| .trk.kstrk.com/ | Name: f461bb1e-4ad8-418d-a901-09f66e40750b-v4 Value: zNu9oliV9-xRIJtjbI-9sCykcFZ1NwNqMFD37xdGNC4 |
|
| .trk.kstrk.com/ | Name: cc-v4 Value: iN3LUZY4hoOvREVphJg9Ko7wHVsEKMQxBZqssbSGxIXFVKM2SNvB3wy15Ho7piLqngV6tuZK1Z%2BNvHlQkmpCTRlIAlI%2BvjshxE8HcX2ZFBwnnUIz%2BkFtXSCUq1wxtu2AJPlpFJfni7SkxknyeiOy4w%3D%3D |
|
| go.roobetaffiliates.com/ | Name: roobet-v Value: 629473 |
|
| .roobet.com/ | Name: _gcl_au Value: 1.1.808618869.1732813969 |
|
| .roobet.com/ | Name: _ga_W62ERM8Q5Q Value: GS1.1.1732813968.1.0.1732813968.0.0.0 |
|
| .roobet.com/ | Name: _ga Value: GA1.1.1308836168.1732813969 |
|
| .roobet.com/ | Name: _ga_00JS1BZ93P Value: GS1.1.1732813968.1.0.1732813969.59.0.0 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com
cdn.seondf.com
cibago.com
go.roobetaffiliates.com
js.adsrvr.org
roobet.com
static.cloudflareinsights.com
static.paymentiq.io
stats.g.doubleclick.net
td.doubleclick.net
trk.kstrk.com
ulg1.net
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
cdn.seondf.com
roobet.com
td.doubleclick.net
ulg1.net
www.google.ca
103.224.182.206
108.139.33.128
13.226.34.70
15.204.67.7
2001:4860:4802:36::181
2600:9000:24f0:3600:1a:31ec:8a40:93a1
2600:9000:2510:7e00:b:ba05:1580:93a1
2606:4700:4400::6812:240d
2606:4700::6810:4f49
2607:f8b0:4004:c09::9b
2607:f8b0:4006:808::2004
2607:f8b0:4006:821::2008
2607:f8b0:4006:824::200e
35.234.86.61
01a0567df178f4841a6288926e99a3b74a974d9a94f9643893fb9f9a9e44e72f
19688a39a91ce00dbd05d9205894e15d301df2592af278b459cf9cfff714c6b5
2891c651941b5f3c111b024347deff63fcc57df9dd18e038e1868a954cf28c4a
2ac0b8881a60f47a4748cc89334624fe6789a23e4ebb3c5ceee4a248cee2a55a
67af4d77fbc41c8260296e923f0265b9bfc39c3490114d9952ba3bfb8697396f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9221cfedfc5e03790f46c7890bca21fcc47c5788d89dab0aa0799c492b6ae78a
9bde999f3b4e0a7b7a18f3f0751c7ef2fcedbafe20ec0c91df73a38b85baa785
9bf873dfa23d475694df7039274b1d0e0cf2f99ed367f541b3bb078ddbf63f61
9c12f0a11dd804b006899e4590f7bae65b5412ef11d665a02d24d31f992bcf4d
9db3fdcddd633bf20b9b0a4818a9ed1e61819c68353c52e95ab2240617ce5f9c
a197f40beeb1026b29d79f705bb375607b8132000c3be6d65b88428c836bd2ca
aab2e57f050c661662861ed14ffdd47ea58734535da82b292aef4f794c1c0159
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
e0845607004c424ce059f724dc5b46fbdf96d0b0fc0bec9b5acfa2cd1f439a21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5611e0db4da31b276a78563f78bb58f389650dd064f23e31213d6d4dbbef2ec
e97410e0b07563499116419d1cbb8400a1a6f119afcc1f08288d3d637696e99a