apostaslive.bitcoincasinousa.com
Open in
urlscan Pro
198.58.116.74
Public Scan
URL:
http://apostaslive.bitcoincasinousa.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On April 03 via api from DE — Scanned from DE
Submission Tags: phish.gg anti.fish automated Search All
Submission: On April 03 via api from DE — Scanned from DE
Summary
This website contacted 21 IPs
in 7 countries
across 20 domains to perform 63 HTTP transactions.
The main IP is 198.58.116.74, located in
Richardson, United States and
belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG.
The main domain is apostaslive.bitcoincasinousa.com.
This is the only time apostaslive.bitcoincasinousa.com was scanned on urlscan.io!
This is the only time apostaslive.bitcoincasinousa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 198.58.116.74 198.58.116.74 | 63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 3 | 104.18.18.47 104.18.18.47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 75.102.57.54 75.102.57.54 | 23352 (SERVERCEN...) (SERVERCENTRAL) | |
| 3 | 83.147.204.12 83.147.204.12 | 202492 (SGHL1-AS) (SGHL1-AS) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:801::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2620:1ec:4e:1... 2620:1ec:4e:1::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 5 | 83.147.204.132 83.147.204.132 | 202492 (SGHL1-AS) (SGHL1-AS) | |
| 2 | 40.127.232.184 40.127.232.184 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 93.191.195.99 93.191.195.99 | 209924 (MLBLTD-AS) (MLBLTD-AS) | |
| 1 | 2606:4700::68... 2606:4700::6812:bd8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 83.147.205.153 83.147.205.153 | 202492 (SGHL1-AS) (SGHL1-AS) | |
| 3 | 2620:1ec:4f:1... 2620:1ec:4f:1::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 195.201.147.169 195.201.147.169 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 2606:4700:303... 2606:4700:3030::6815:2ed2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
| 1 | 216.18.168.28 216.18.168.28 | 29789 (REFLECTED) (REFLECTED) | |
| 8 | 2606:4700::68... 2606:4700::6811:6fa0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 13.69.68.15 13.69.68.15 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 10 | 2606:4700::68... 2606:4700::6812:d32c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6811:6ba0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 63 | 21 |
12
198.58.116.74
(Richardson, United States)
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: txpro14.fcomet.com
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: txpro14.fcomet.com
| apostaslive.bitcoincasinousa.com | |
| apostaslive.com |
3
75.102.57.54
(Amsterdam, Netherlands)
ASN23352 (SERVERCENTRAL, US)
PTR: sh-europe100.banahosting.com
ASN23352 (SERVERCENTRAL, US)
PTR: sh-europe100.banahosting.com
| www.apostas.mobi |
2
40.127.232.184
(Dublin, Ireland)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| wlpartnersonly.adsrv.eacdn.com |
3
2620:1ec:4f:1::45
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| wlpartnersonly.eacdn.com |
1
195.201.147.169
(Gunzenhausen, Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.169.147.201.195.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.169.147.201.195.clients.your-server.de
| trk.22betpartners.com |
1
13.69.68.15
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| 575e53c686585416146c4c3c.tracker.bannerflow.com |
| Domain | Requested by | |
|---|---|---|
| 11 | apostaslive.com |
apostaslive.bitcoincasinousa.com
|
| 10 | c.bannerflow.net |
ads.leovegas.com
c.bannerflow.net |
| 8 | cdn.bannerflow.com |
mediaserver.entainpartners.com
cdn.bannerflow.com |
| 5 | refpasrasw.world |
apostaslive.bitcoincasinousa.com
refpasrasw.world |
| 3 | wlpartnersonly.eacdn.com |
wlpartnersonly.adsrv.eacdn.com
|
| 3 | refbanners.com |
apostaslive.bitcoincasinousa.com
refbanners.com |
| 3 | www.apostas.mobi |
apostaslive.bitcoincasinousa.com
|
| 2 | wlpartnersonly.adsrv.eacdn.com |
apostaslive.bitcoincasinousa.com
wlpartnersonly.eacdn.com |
| 2 | betwaypartners.com | 2 redirects |
| 1 | scripts.host.bannerflow.com |
cdn.bannerflow.com
|
| 1 | 575e53c686585416146c4c3c.tracker.bannerflow.com |
cdn.bannerflow.com
|
| 1 | trafforsrv.com |
apostaslive.bitcoincasinousa.com
|
| 1 | my.rtmark.net |
apostaslive.bitcoincasinousa.com
|
| 1 | ufpcdn.com |
trk.22betpartners.com
|
| 1 | trk.22betpartners.com |
refpasrasw.world
|
| 1 | affpa.top |
refbanners.com
|
| 1 | mediaserver.entainpartners.com |
apostaslive.bitcoincasinousa.com
|
| 1 | mediaserver.gvcaffiliates.com | 1 redirects |
| 1 | ads.leovegas.com |
apostaslive.bitcoincasinousa.com
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | www.betwaypartners.com |
apostaslive.bitcoincasinousa.com
|
| 1 | fonts.googleapis.com |
apostaslive.bitcoincasinousa.com
|
| 1 | apostaslive.bitcoincasinousa.com | |
| 0 | retaraka.ru Failed |
trk.22betpartners.com
|
| 0 | wloddsring.adsrv.eacdn.com Failed |
apostaslive.bitcoincasinousa.com
|
| 63 | 25 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| apostas.mobi cPanel, Inc. Certification Authority |
2023-02-27 - 2023-05-28 |
3 months | crt.sh |
| *.refbanners.com R3 |
2023-01-13 - 2023-04-13 |
3 months | crt.sh |
| ntrfr.gogocasino.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-27 - 2023-10-22 |
a year | crt.sh |
| *.refpasrasw.world R3 |
2023-03-03 - 2023-06-01 |
3 months | crt.sh |
| *.adsrv.eacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-18 - 2023-08-15 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-02-07 - 2024-02-06 |
a year | crt.sh |
| *.affpa.top R3 |
2023-03-18 - 2023-06-16 |
3 months | crt.sh |
| ia-prod-azurecdn.eacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-29 - 2023-11-30 |
a year | crt.sh |
| trk.22betpartners.com R3 |
2023-02-12 - 2023-05-13 |
3 months | crt.sh |
| rtmark.net R3 |
2023-02-15 - 2023-05-16 |
3 months | crt.sh |
| *.trafforsrv.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-03 - 2023-11-16 |
a year | crt.sh |
| *.tracker.bannerflow.com R3 |
2023-03-30 - 2023-06-28 |
3 months | crt.sh |
| bannerflow.com Cloudflare Inc ECC CA-3 |
2022-12-26 - 2023-12-26 |
a year | crt.sh |
This page contains 13 frames:
Primary Page:
http://apostaslive.bitcoincasinousa.com/
Frame ID: 8FF9DDB9FB342AF9050AA23D14EC5D27
Requests: 18 HTTP requests in this frame
Frame:
https://refbanners.com/I?tag=d_28207m_28619c_&site=28207&ad=28619
Frame ID: 116F40175AF7AE7A520BD00312A5FA14
Requests: 4 HTTP requests in this frame
Frame:
https://ads.leovegas.com/ad.aspx?bid=15928&pid=3650092
Frame ID: 47605361DEF608CCF8D166CB810E6F30
Requests: 10 HTTP requests in this frame
Frame:
https://refpasrasw.world/I?tag=d_596065m_32337c_&site=596065&ad=32337
Frame ID: 62F745F0F96AEEEBFAABAEB67D2092CA
Requests: 9 HTTP requests in this frame
Frame:
https://wlpartnersonly.adsrv.eacdn.com/I.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=
Frame ID: 349B3B73DF86714AE63BFB0884E02C13
Requests: 4 HTTP requests in this frame
Frame:
https://wloddsring.adsrv.eacdn.com/I.ashx?btag=a_605b_178c_&affid=8315222&siteid=605&adid=178&c=
Frame ID: 2FAC9D5CD1DAEC5D6B6C024C0780B98D
Requests: 1 HTTP requests in this frame
Frame:
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
Frame ID: D4C312C2901BB70969DFB86CFABBE947
Requests: 4 HTTP requests in this frame
Frame:
https://ufpcdn.com/script/get.html
Frame ID: A7F8FD8B6F62AE0C05B2030FA709511F
Requests: 1 HTTP requests in this frame
Frame:
https://wlpartnersonly.adsrv.eacdn.com/T.ashx?btag=a_521b_10984c_&affid=351&siteid=521&adid=10984&c=&t=638161050090440000&MediaID=13168&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26
Frame ID: B6A6B361F66E53A9D18F8FBBCF150B69
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.rGH0urbi00C6.html?cb=637076018826615287&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Frame ID: 66559BBCE80F7E07823E9E437FD57B47
Requests: 2 HTTP requests in this frame
Frame:
https://cdn.bannerflow.com/bf-banners/59561c98bd8d3e173850c939.html?cb=637076018807842946&clickpixel=%2F%2F575e53c686585416146c4c3c.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522pgsm%2522%252C%2522brand%2522%253A%2522575e53c686585416146c4c3c%2522%252C%2522placement%2522%253A%25225dc30a1c509e6d169063b06c%2522%252C%2522ad%2522%253A%252259561c98bd8d3e173850c93a%2522%252C%2522bannerset%2522%253A%252258d91bcf9db2143fe8a27676%2522%252C%2522banner%2522%253A%252259561c98bd8d3e173850c939%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%252259561c98bd8d3e173850c939%2522%257D&targetwindow=_blank&clickservice=https://mediaserver.entainpartners.com/trackAffiliateClick.do?zoneId=1908321&trackerId=4905519&wm=4905519&zoneid=1908321&ref=http%3A%2F%2Fapostaslive.bitcoincasinousa.com%2F
Frame ID: 8B627C802D51F5994DC8A2CFD5790261
Requests: 5 HTTP requests in this frame
Frame:
blob://https://ads.leovegas.com/8eb3ab6c-7482-43a9-b13a-cc47d8c41860
Frame ID: 718D3B6B47BC697689FB2F5317BEB864
Requests: 1 HTTP requests in this frame
Frame:
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2F4113b773-5490-4e4f-8d9e-d159dbdaae53.jpg&w=1920&h=1080&q=85&f=webp&rt=contain
Frame ID: F98BF0A3899E8DF72D2041E335432138
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Apostas Live .com – Apostas esportivas online Live.Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
URL: https://apostaslive.com/
Title: Apostas Live .com
Title: Apostas Live .com
Search URL Search Domain Scan URL
URL: https://apostaslive.com/bonus-apostas-live/
Title: Bonus Apostas Live
Title: Bonus Apostas Live
Search URL Search Domain Scan URL
URL: https://apostaslive.com/cassinos-online/
Title: Cassinos Online
Title: Cassinos Online
Search URL Search Domain Scan URL
URL: https://apostaslive.com/apostas-live/
Title: Apostas Live
Title: Apostas Live
Search URL Search Domain Scan URL
URL: https://apostaslive.com/author/antonio/
Title: antonio
Title: antonio
Search URL Search Domain Scan URL
URL: http://refpa.top/L?tag=d_28207m_2778c_&site=28207&ad=2778
Title: 1xbet brasil
Title: 1xbet brasil
Search URL Search Domain Scan URL
URL: https://banners.livepartners.com/click.php?z=114507
Title: NetBet
Title: NetBet
Search URL Search Domain Scan URL
URL: https://betway.com/pt/affbanner/?s=bw209601&mid=81809
Title: Betway
Title: Betway
Search URL Search Domain Scan URL
URL: https://refpasrasw.world/L?tag=d_596065m_7999c_&site=596065&ad=7999
Title: 22bet
Title: 22bet
Search URL Search Domain Scan URL
URL: http://wloddsring.adsrv.eacdn.com/C.ashx?btag=a_605b_33c_&affid=8315222&siteid=605&adid=33&c=
Title: SuperAposta
Title: SuperAposta
Search URL Search Domain Scan URL
URL: https://ads.betfair.com/redirect.aspx?pid=2713&bid=10443
Title: Betfair
Title: Betfair
Search URL Search Domain Scan URL
URL: http://wlpartnersonly.adsrv.eacdn.com/C.ashx?btag=a_521b_11494c_&affid=351&siteid=521&adid=11494&c=
Title: Betmotion
Title: Betmotion
Search URL Search Domain Scan URL
URL: http://record.betsson.com/_V8kB1-DnXPYIYxvCZpIFdmNd7ZgqdRLk/1/
Title: betsson
Title: betsson
Search URL Search Domain Scan URL
URL: https://sports.sportingbet.com/pt-br/sports/4/apostas/futebol?wm=4905519&zoneId=1908321
Title: Sportingbet
Title: Sportingbet
Search URL Search Domain Scan URL
URL: https://www.rivalo.com/?affiliateId=230852&bannerId=908
Title: Rivalo
Title: Rivalo
Search URL Search Domain Scan URL
URL: https://ads.leovegas.com/redirect.aspx?pid=3650092&bid=15794
Title: LeoVegas
Title: LeoVegas
Search URL Search Domain Scan URL
URL: http://affiliates.partnersonly.com/processing/clickthrgh.asp?btag=a_521b_3254
Title: Betmotion
Title: Betmotion
Search URL Search Domain Scan URL
URL: http://www.jogoresponsavel.com.br/
Search URL Search Domain Scan URL
URL: https://athemes.com/theme/hiero/
Title: Hiero
Title: Hiero
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749 HTTP 301
- https://betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749 HTTP 302
- https://www.betwaypartners.com/affiliate_media/96b64b459f6bc6ce.gif?fid=92755&si=70552&ai=484749
- https://mediaserver.gvcaffiliates.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y HTTP 301
- https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1908321&t=f&v=1&securedDomain=y
63 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
apostaslive.bitcoincasinousa.com/ |
32 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
apostaslive.com/wp-includes/css/dist/block-library/ |
87 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
athemes-glyphs.css
apostaslive.com/wp-content/themes/hiero/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
apostaslive.com/wp-content/themes/hiero/css/ |
104 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
apostaslive.com/wp-content/themes/hiero/ |
22 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
apostaslive.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
apostaslive.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
apostaslive.com/wp-content/themes/hiero/js/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
superfish.js
apostaslive.com/wp-content/themes/hiero/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
supersubs.js
apostaslive.com/wp-content/themes/hiero/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
settings.js
apostaslive.com/wp-content/themes/hiero/js/ |
458 B 686 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
apostaslive.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
96b64b459f6bc6ce.gif
www.betwaypartners.com/affiliate_media/ Redirect Chain
|
16 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jogoresponsavel.jpg
www.apostas.mobi/wp-content/uploads/2020/03/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
I
refbanners.com/ Frame 116F |
625 B 609 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
fonts.gstatic.com/s/yanonekaffeesatz/v24/ |
25 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ad.aspx
ads.leovegas.com/ Frame 4760 |
263 B 906 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
I
refpasrasw.world/ Frame 62F7 |
737 B 650 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
I.ashx
wlpartnersonly.adsrv.eacdn.com/ Frame 349B |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
I.ashx
wloddsring.adsrv.eacdn.com/ Frame 2FAC |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
renderBanner.do
mediaserver.entainpartners.com/ Frame D4C3 Redirect Chain
|
329 B 740 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
netbetbrazil.gif
www.apostas.mobi/wp-content/uploads/2020/03/ |
20 KB 20 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
728x90_v3rivalo.gif
www.apostas.mobi/wp-content/uploads/2016/11/ |
73 KB 73 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4867ac6e-4e7c-43c5-816f-1df23af22e16.gif
affpa.top/img/AdAgent_1/ Frame 116F |
113 KB 113 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checker.js
refbanners.com/checker/ Frame 116F |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
343b5d14-b5b5-4fd9-b7b6-637a6a69cd4e.jpg
refpasrasw.world/img/AdAgent_15/ Frame 62F7 |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checker.js
refpasrasw.world/checker/ Frame 62F7 |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
refpasrasw.world/Script/ Frame 62F7 |
177 B 416 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s.5.6.min.js
wlpartnersonly.eacdn.com/TrafficOpt/ Frame 349B |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Ad_10984.js
wlpartnersonly.eacdn.com/wlpartnersonly/affimages/js/ Frame 349B |
688 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
refpasrasw.world/redirect/stat/run/ Frame 62F7 |
14 B 198 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
analytics.js
trk.22betpartners.com/ Frame 62F7 |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
refbanners.com/redirect/stat/run/ Frame 116F |
14 B 198 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
retarget.min.js
retaraka.ru/ Frame 62F7 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get.html
ufpcdn.com/script/ Frame A7F8 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
my.rtmark.net/ Frame 62F7 |
43 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
retargeting.php
trafforsrv.com/ Frame 62F7 |
35 B 555 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
T.ashx
wlpartnersonly.adsrv.eacdn.com/ Frame B6A6 |
0 719 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4c897dc2-46d5-4999-bf52-7971c2c93fa4.gif
wlpartnersonly.eacdn.com/wlpartnersonly/affimages/ Frame 349B |
12 KB 12 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5dc30a1c509e6d169063b06c
cdn.bannerflow.com/bf-placements/ Frame D4C3 |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
render.min.js
cdn.bannerflow.com/scripts/1.5.8/ Frame D4C3 |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
59561c98bd8d3e173850c939.rGH0urbi00C6.html
cdn.bannerflow.com/bf-banners/ Frame 6655 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
575e53c686585416146c4c3c.tracker.bannerflow.com/api/tr/v1/ Frame D4C3 |
32 B 481 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
59561c98bd8d3e173850c939.rGH0urbi00C6.gif
cdn.bannerflow.com/bf-images/ Frame 6655 |
35 KB 35 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
62a8df1c7f785aa8b1157bb1
c.bannerflow.net/a/ Frame 4760 |
69 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
preload.jpg
c.bannerflow.net/accounts/leovegas/55634380f50b9613805936af/published/2503433/5243398/ Frame 4760 |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
c.bannerflow.net/tr/v2/pixel/ Frame 4760 |
0 81 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
59561c98bd8d3e173850c939.html
cdn.bannerflow.com/bf-banners/ Frame 8B62 |
31 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bf.min.js
scripts.host.bannerflow.com/1.0.2/ Frame 8B62 |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sbbr-serieb-728x90-599593c2-d550-4572-bd37-128d2856c45b-cx-8-cy-0-cw-702-ch-90-noopt.jpg
cdn.bannerflow.com/resources/cropping/ Frame 8B62 |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-en-nolead-99837248-7bd5-4f52-950d-818b557c1f11-200x49.png
cdn.bannerflow.com/resources/ Frame 8B62 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerNeueLTW1G-Heavy-a50ebf27-c4ac-4e24-aa28-a52fcb431e22-3209679913567323106-subset.woff
cdn.bannerflow.com/resources/ Frame 8B62 |
4 KB 5 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
document.0000002114FCDC.js
c.bannerflow.net/accounts/leovegas/55634380f50b9613805936af/published/2503433/5243398/ Frame 4760 |
18 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animated-creative.2ba8c049764d090ba20c.js
c.bannerflow.net/scripts/ Frame 4760 |
156 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4760 |
66 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
8eb3ab6c-7482-43a9-b13a-cc47d8c41860
https://ads.leovegas.com/ Frame 718D |
668 B 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font
c.bannerflow.net/fs/api/v2/ Frame 4760 |
9 KB 9 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font
c.bannerflow.net/fs/api/v2/ Frame 4760 |
4 KB 4 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font
c.bannerflow.net/fs/api/v2/ Frame 4760 |
9 KB 9 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
optimize
c.bannerflow.net/io/api/image/ Frame F98B |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
optimize
c.bannerflow.net/io/api/image/ Frame F98B |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
optimize
c.bannerflow.net/io/api/image/ Frame F98B |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
optimize
c.bannerflow.net/io/api/image/ Frame F98B |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- wloddsring.adsrv.eacdn.com
- URL
- https://wloddsring.adsrv.eacdn.com/I.ashx?btag=a_605b_178c_&affid=8315222&siteid=605&adid=178&c=
- Domain
- retaraka.ru
- URL
- https://retaraka.ru/retarget.min.js
- Domain
- c.bannerflow.net
- URL
- https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2F4113b773-5490-4e4f-8d9e-d159dbdaae53.jpg&w=1920&h=1080&q=85&f=webp&rt=contain
- Domain
- c.bannerflow.net
- URL
- https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fleovegas%2F55634380f50b9613805936af%2Fimages%2Fabecf43a-377b-493e-9eb0-df9d59e9fb9f.png&w=104&h=25&q=85&f=webp&rt=contain
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery object| $ULs object| twemoji object| wp9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| wlpartnersonly.adsrv.eacdn.com/ | Name: CEK Value: a |
|
| my.rtmark.net/ | Name: ID Value: e07a254c956e4b42bcb7eb8067b6ebc7 |
|
| trafforsrv.com/ | Name: sppc_uuid Value: 38cfb70c-5bd8-48c5-9a92-8b8860dc5595 |
|
| wlpartnersonly.adsrv.eacdn.com/ | Name: XYZ Value: 120&0&148&&&&0&1&&c5e956ee-dbeb-4c66-a959-51f30fb2de24&a_521b_10984&& |
|
| wlpartnersonly.adsrv.eacdn.com/ | Name: A_10984 Value: a=10984&r=0&fv=20230403&lv=20230403075009&vc=1&fc=0&lc=0&cc=0 |
|
| .betwaypartners.com/ | Name: __cf_bm Value: 6fTZgT.jUzmEHtYiwcw_DeYWsUqSQVZPe2.GBlocsyg-1680508209-0-Ae2uZLeWQDxaTcA1NXZybJ6IXsyKnAnJBwgA1LL9NncrxOiKRMoH4DGaGPMHfAFHdRB8dumEesZ1261WK8GEmkQ= |
|
| .entainpartners.com/ | Name: __cf_bm Value: sGctVBWuplGU05QkJ6wbiAKeSgkXbWu1v4gKOMiavZs-1680508209-0-AWJKeSsm8m0lsylLVdBZdYGpM35EeLTXm4yr2TLXI/slLcrL5lHgkMKvI0rPFwTsc6SQMAbag7ZBPLsndqnDnjM= |
|
| 575e53c686585416146c4c3c.tracker.bannerflow.com/ | Name: cc Value: AVdeU8aGWFQWFGxMPF3DChxQnm0WkGOwbFlWHJi9jT4XOFDJOQDXswAAAR5hcG9zdGFzbGl2ZS5iaXRjb2luY2FzaW5vdXNhLmM- |
|
| .leovegas.com/ | Name: NetRefer_CookieUniTrack_V Value: %5b%7b%22PID%22%3a3650092%2c%22BID%22%3a15928%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1680508208923)%5c%2f%22%2c%22CookieTag%22%3a%22159283650092403101C202343750%22%7d%5d |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
575e53c686585416146c4c3c.tracker.bannerflow.com
ads.leovegas.com
affpa.top
apostaslive.bitcoincasinousa.com
apostaslive.com
betwaypartners.com
c.bannerflow.net
cdn.bannerflow.com
fonts.googleapis.com
fonts.gstatic.com
mediaserver.entainpartners.com
mediaserver.gvcaffiliates.com
my.rtmark.net
refbanners.com
refpasrasw.world
retaraka.ru
scripts.host.bannerflow.com
trafforsrv.com
trk.22betpartners.com
ufpcdn.com
wloddsring.adsrv.eacdn.com
wlpartnersonly.adsrv.eacdn.com
wlpartnersonly.eacdn.com
www.apostas.mobi
www.betwaypartners.com
c.bannerflow.net
retaraka.ru
wloddsring.adsrv.eacdn.com
104.18.18.47
13.69.68.15
139.45.195.8
195.201.147.169
198.58.116.74
216.18.168.28
2606:4700:3030::6815:2ed2
2606:4700::6811:6ba0
2606:4700::6811:6fa0
2606:4700::6812:bd8
2606:4700::6812:d32c
2620:1ec:4e:1::45
2620:1ec:4f:1::45
2a00:1450:4001:801::2003
2a00:1450:4001:811::200a
40.127.232.184
75.102.57.54
83.147.204.12
83.147.204.132
83.147.205.153
93.191.195.99
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
12a698f19828bebe8f29cbdd35621fdf8af7b54ee5418f8b531fefddb7184ccf
177cd9f4ce7cd61fd3aa6d51ce7e618640fecd6a4b1df991853cbbecdc213243
186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
1cf44019f8ed3629fc783cf4005868ec49df771d2dc01da048789a8528ad376d
2030670e741bd3c703b83ff53fd2193e3dd69db63bc4344d1d0eb3082740858c
2184040d479d84587f5fee0684936810117f97981b7208f20d2686f3df02f26f
2c63172eb629de490d928f81262ef1e4041cf768b509c17e44c0d5094b255db0
337fe5a065bf44991ef468583e6abc124d81b9e21ea8980b770fe8d154d310dc
370e86f95908740f4ca602ae7f90f0f486b87fc1844eefc18fd920dda6d8653b
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3ddcf90158d6d3b5cadf6b8262038048d8b070631928d0a23038036f2185d15c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f06ade53b777fbda1f8567d9cfb64ae62758bf2955829291af074763c427130
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6255ffd166db73f3fe2877b351bad237b62cc5e759273ed3985b89baeb3673e5
692202887eb4ccda9683e3b1742871b576c715ce61679f8edeaef86f7b08a56b
70cb866e223d85d2d1e8e40c4c8a974d31ba828166f63649c9d7445e42f461ee
7215d013491b9d1095cefe44350df1d9ffd20bfd9885cfcbfbd25c695b06187d
74456e0eb2cfd6cd762dedd8f50f63c0282a16b97f92e289aa29a180ab2a9ed2
7586b9e64f3df13c21479b161e873a7b174a86be0dc6d7d4c4972672e5589e96
76f8a107d4c7cc7f586727e9b7bb00f497ba5816a5b4942ca2b993334755d00e
78139a222ffa67be2661292396fefa8f5001f5b9f67e3e5969229c96a741c898
7b234df2a5abd826b0f97057fb82229c390e8061434acec673c223200c7fc9a3
84dee87c6cd7664f7ec48c2b4688a49ea716354f5ca0cac17675467a580b2ab6
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
874cecef21bfc38c930f6afa069d3298cdf24736f45196af4500a1cebf412285
90c80efd7412a6230c07af29b429fd0cd28e308082852857098251d1f31a1307
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
9da9e194958d8cc59f425a3a21d39dd7db967cb424c1e6d5ed4388c03757b84c
9f3a8ca6c59bb47419f2d5561d604bdd2d62e7769bb0fa7bbc8117a30e62ed09
a09bef2f8f43a8be1553f123ff021a2c65d0b9a01f2ec281bcd9135a4cbc5464
a2a6a2711d9987f87740d95ed09ecd902065e20250001b577b2c1930a618be1b
a351f65d90b756398fc684bd75730beeb59ef4bc568ad04d40539c9951302b26
a702f8eff035674b33bdb4128ebc271e050dce7463bf70cb9e42dffc677c5513
a90af1111b43fbf301d80143e5e2cfe2a1a79ec54ad8a200bbed010d6a4044ef
b010806e27150d57cc02b5b112946598f444c935fe96a7f4d655aa5e8fd3728b
b1e1c1975680cede3dcdbf7b667e98e29232826d7c5a71f6306a4a30bb92662d
b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b
b3200581983512a4c9c7f9c53e2330a35c28edeebd51fd8a70d8510102ed6996
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bbb308b822dc108d1d72667a76cc1300c61d62b2a6aa76814d160afc5c24e167
bbbd42e8b062056f9aaa9fd6ff1c2d0b83462e1abbf1ff558dd1dfa1dbdd6eb2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c17e2e405e202306a1593ccb35d514da7af18f411e9d7a31e0556e16bc4f43df
c6c0530410b587e023f52ad084f5102f6a3d1e3dc20d0ab9cfc350d1ad1efdb7
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d1a0336aa8e0f21a01f5da81263d01fd61a4d64ddd48e2760b4bb6f9068b7c46
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d9e670c2fd5aaf09df614d38ecbcacc53869788d00cd4a8212e14c380e6b7d38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecbd308a0759262635980298fe3491ae93666dc2e8af420496c8e6ab77e1231f
f316edba5d088adfa0f0e901daa68a75cd22a9f8c16ae1260518d9b4fab319aa
f79fde7a6792fdeb6cad7c78354a8e327a6661cf48d0ccf25834e8f9e944231c
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939