win.gg
Open in
urlscan Pro
18.158.98.109
Public Scan
Submission: On October 05 via manual from SK — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 17th 2021. Valid for: 3 months.
This is the only time win.gg was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
win.gg |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-17.fra2.r.cloudfront.net
platform-api.sharethis.com |
ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
l.sharethis.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com | |
analytics.google.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-95-222.us-west-2.compute.amazonaws.com
gw.oribi.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-174-194.compute-1.amazonaws.com
cs.choozle.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com |
ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-120-40.eu-west-1.compute.amazonaws.com
insight.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
win.gg
win.gg |
189 KB |
8 |
google-analytics.com
www.google-analytics.com |
57 KB |
7 |
oribi.io
cdn.oribi.io gw.oribi.io |
37 KB |
5 |
choozle.com
5 redirects
cs.choozle.com |
3 KB |
4 |
adsrvr.org
3 redirects
match.adsrvr.org insight.adsrvr.org |
1 KB |
4 |
doubleclick.net
2 redirects
stats.g.doubleclick.net cm.g.doubleclick.net |
1 KB |
4 |
ensighten.com
nexus.ensighten.com |
11 KB |
3 |
rlcdn.com
2 redirects
idsync.rlcdn.com |
1 KB |
3 |
sharethis.com
platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com |
42 KB |
2 |
google.de
www.google.de |
629 B |
2 |
google.com
analytics.google.com www.google.com |
884 B |
2 |
googletagmanager.com
www.googletagmanager.com |
98 KB |
2 |
youtube.com
www.youtube.com |
46 KB |
1 |
cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
699 B |
1 |
bluekai.com
1 redirects
tags.bluekai.com |
746 B |
1 |
winners.bet
cdn.winners.bet |
941 B |
1 |
jsdelivr.net
cdn.jsdelivr.net |
23 KB |
1 |
googleapis.com
ajax.googleapis.com |
31 KB |
70 | 18 |
Domain | Requested by | |
---|---|---|
32 | win.gg |
win.gg
|
8 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
6 | gw.oribi.io |
cdn.oribi.io
|
5 | cs.choozle.com | 5 redirects |
4 | nexus.ensighten.com |
www.googletagmanager.com
nexus.ensighten.com |
3 | idsync.rlcdn.com |
2 redirects
win.gg
|
2 | insight.adsrvr.org |
1 redirects
d1eoo1tco6rr5e.cloudfront.net
|
2 | cm.g.doubleclick.net | 2 redirects |
2 | match.adsrvr.org | 2 redirects |
2 | www.google.de |
win.gg
|
2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
2 | www.googletagmanager.com |
win.gg
www.googletagmanager.com |
2 | www.youtube.com |
win.gg
www.youtube.com |
1 | d1eoo1tco6rr5e.cloudfront.net |
nexus.ensighten.com
|
1 | www.google.com |
win.gg
|
1 | tags.bluekai.com | 1 redirects |
1 | analytics.google.com |
www.googletagmanager.com
|
1 | cdn.oribi.io |
win.gg
|
1 | cdn.winners.bet |
win.gg
|
1 | l.sharethis.com |
platform-api.sharethis.com
|
1 | buttons-config.sharethis.com |
platform-api.sharethis.com
|
1 | cdn.jsdelivr.net |
win.gg
|
1 | ajax.googleapis.com |
win.gg
|
1 | platform-api.sharethis.com |
win.gg
|
70 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
winners.net |
winners.bet |
youtube.com |
www.instagram.com |
www.facebook.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
win.gg R3 |
2021-08-17 - 2021-11-15 |
3 months | crt.sh |
sharethis.com Amazon |
2021-07-19 - 2022-08-17 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-03 - 2022-07-02 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.winners.bet Amazon |
2021-07-23 - 2022-08-21 |
a year | crt.sh |
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-14 - 2022-10-12 |
a year | crt.sh |
oribi.io Amazon |
2021-06-18 - 2022-07-17 |
a year | crt.sh |
*.oribi.io Amazon |
2021-08-29 - 2022-09-27 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2021-02-25 - 2022-03-28 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://win.gg/news/7796/how-to-download-your-twitch-clips-and-everyone-else's-too
Frame ID: 97825F2EA424BAFF340BD47430905A90
Requests: 68 HTTP requests in this frame
Frame:
https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
Frame ID: 8821FC6A913538326E2AE016B83F6ED4
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Page not found - WIN.ggDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Ensighten (Tag Managers) Expand
Detected patterns
- //nexus\.ensighten\.com/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Oribi (Analytics) Expand
Detected patterns
- cdn\.oribi\.io
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- /([\d.]+)/jquery(?:\.min)?\.js
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 54- https://cs.choozle.com/dp/chz/24899?d=win.gg&cb=8610124625 HTTP 302
- https://cs.choozle.com/sync HTTP 302
- https://cs.choozle.com/sync?v=true&cid=8632476a-5b0e-4301-850a-15b3e6e911db HTTP 302
- https://tags.bluekai.com/site/48443?id=8632476a-5b0e-4301-850a-15b3e6e911db&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D8632476a-5b0e-4301-850a-15b3e6e911db HTTP 302
- https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=8632476a-5b0e-4301-850a-15b3e6e911db HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_puid=8632476a-5b0e-4301-850a-15b3e6e911db&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_puid=8632476a-5b0e-4301-850a-15b3e6e911db&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
- https://cs.choozle.com/sync?pid=7e6023b8-3112-4a62-9ad1-47e6840d3621&dpsync=ttd&cid=8632476a-5b0e-4301-850a-15b3e6e911db HTTP 302
- https://idsync.rlcdn.com/459489.gif?partner_uid=8632476a-5b0e-4301-850a-15b3e6e911db HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJDg2MzI0NzZhLTViMGUtNDMwMS04NTBhLTE1YjNlNmU5MTFkYhAAGg0IhsXwigYSBQjoBxAAQgBKAA HTTP 307
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
- https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFkK1WWxQ_Fa7z6BTpXLfCQ&google_cver=1
- https://insight.adsrvr.org/tags/2tetedh/g27akpq/iframe HTTP 303
- https://d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/iframe
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
how-to-download-your-twitch-clips-and-everyone-else's-too
win.gg/news/7796/ |
92 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
win.gg/wp-content/themes/win/css/ |
205 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom-styles.css
win.gg/wp-content/themes/win/css/ |
2 KB 939 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
win.gg/wp-includes/css/dist/block-library/ |
79 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blocks.style.build.css
win.gg/wp-content/plugins/embedpress/Gutenberg/dist/ |
1 KB 638 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dashicons.min.css
win.gg/wp-includes/css/ |
58 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rounded-thumbs.min.css
win.gg/wp-content/plugins/contextual-related-posts/css/ |
1 KB 592 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embedpress.css
win.gg/wp-content/plugins/embedpress/assets/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mu-style.css
win.gg/wp-content/plugins/sharethis-share-buttons/css/ |
26 B 242 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
win-gg-public.css
win.gg/wp-content/plugins/win-gg/public/css/ |
98 B 335 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
win.gg/wp-content/themes/win/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pdfobject.min.js
win.gg/wp-content/plugins/embedpress/assets/js/ |
13 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
win.gg/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
win.gg/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharethis.js
platform-api.sharethis.com/js/ |
183 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
win-gg-public.js
win.gg/wp-content/plugins/win-gg/public/js/ |
838 B 806 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm4wp-youtube.js
win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics-talk-content-tracking.js
win.gg/wp-content/plugins/duracelltomi-google-tag-manager/js/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wpp.min.js
win.gg/wp-content/plugins/wordpress-popular-posts/assets/js/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
myloadmore.js
win.gg/wp-content/themes/win/js/ |
1 KB 746 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube-icon.svg
win.gg/wp-content/themes/win/assets/ |
704 B 739 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/ |
77 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.js
win.gg/wp-content/themes/win/js/ |
2 KB 957 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
win.gg/wp-content/themes/win/js/ |
2 KB 807 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
front.js
win.gg/wp-content/plugins/embedpress/assets/js/ |
2 KB 983 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.js
win.gg/wp-content/themes/win/js/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
win.gg/wp-includes/js/ |
1 KB 943 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
win.gg/wp-includes/js/ |
18 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
60fa285f7c9b910013246b5d.js
buttons-config.sharethis.com/js/ |
1 KB 909 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pview
l.sharethis.com/ |
0 328 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe_api
www.youtube.com/ |
980 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
138 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/ |
136 KB 44 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo--dark.png
win.gg/wp-content/themes/win/assets/ |
13 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sun--dark.png
win.gg/wp-content/themes/win/assets/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search--dark.svg
win.gg/wp-content/themes/win/assets/ |
608 B 753 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
404.dark.png
win.gg/wp-content/themes/win/assets/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wingg.svg
cdn.winners.bet/bet/static/images/icons/ |
1 KB 941 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
winnersNet--dark.webp
win.gg/wp-content/themes/win/assets/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
winnersBet--dark.png
win.gg/wp-content/themes/win/assets/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
122 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/choozle/15154/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oribi.js
cdn.oribi.io/Xy0xODg1MDA0Nzk1/ |
108 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 201 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.google-analytics.com/gtm/ |
92 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
gw.oribi.io/ |
0 403 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 457 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/choozle/15154/ |
401 B 543 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 362 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 522 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
023efb217eee1cbb71f657f0ff77d993.js
nexus.ensighten.com/choozle/15154/code/ |
1 KB 869 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7e3bcccbe9be6061a65a6eb142929580.js
nexus.ensighten.com/choozle/15154/code/ |
2 KB 558 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
362358.gif
idsync.rlcdn.com/ Redirect Chain
|
42 B 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 522 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe
d1eoo1tco6rr5e.cloudfront.net/2tetedh/g27akpq/ Frame 8821 Redirect Chain
|
138 B 699 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/pxl/ Frame 8821 |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
gw.oribi.io/ |
0 402 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
gw.oribi.io/ |
0 402 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
gw.oribi.io/ |
0 402 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
gw.oribi.io/ |
0 402 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
gw.oribi.io/ |
0 402 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 130 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
116 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster string| gtm4wp_datalayer_name object| dataLayer boolean| gtm4wp_scrollerscript_debugmode number| gtm4wp_scrollerscript_callbacktime number| gtm4wp_scrollerscript_readerlocation string| gtm4wp_scrollerscript_contentelementid number| gtm4wp_scrollerscript_scannertime object| _wpemojiSettings object| PDFObject function| $ function| jQuery object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ number| gtm4wp_youtube_percentage_tracking object| gtm4wp_youtube_percentage_tracking_timeouts object| gtm4wp_youtube_percentage_tracking_marks object| tag object| firstScriptTag undefined| gtm4wp_err function| gtm4wp_onYouTubePlayerReady function| gtm4wp_onYouTubePlayerStateChange function| gtm4wp_onYouTubePlaybackQualityChange function| gtm4wp_onYouTubePlaybackRateChange function| gtm4wp_onYouTubeError function| gtm4wp_onYouTubeApiChange function| gtm4wp_onYouTubePercentageChange function| onYouTubeIframeAPIReady object| wpp_params object| WordPressPopularPosts object| misha_loadmore_params object| dataLayer_content number| uidEvent object| bootstrap function| insert_ads_in_repeater function| insertParam object| twemoji object| wp function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active boolean| ai_tracking_finished boolean| ai_js_code function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| ai_process_lists function| ai_process_ip_addresses object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions object| google_tag_manager object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| google_tag_data string| GoogleAnalyticsObject function| ga object| ORIBI object| gaplugins object| gaGlobal object| gaData object| ensBootstraps object| Bootstrapper object| google_optimize object| ai_check_data object| ai_cookie function| arrive function| unbindArrive function| leave function| unbindLeave16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: YSC Value: fh7mEUpbzsI |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: eq_iGjNosXg |
|
.win.gg/ | Name: _gid Value: GA1.2.1885997631.1633428101 |
|
.win.gg/ | Name: _gat_UA-125662552-1 Value: 1 |
|
.win.gg/ | Name: oribi_user_guid Value: 6e9ab65f-3a51-329b-504f-913009496ef6 |
|
.win.gg/ | Name: oribi_session Value: 980f6665-9724-363c-c7ca-56a0e9b470a9 |
|
gw.oribi.io/ | Name: bridge_sid_Xy0xODg1MDA0Nzk1 Value: f1658e2e-a8cd-40e9-b975-c70492b25419 |
|
gw.oribi.io/ | Name: bridge_uid_Xy0xODg1MDA0Nzk1 Value: a7428b22-a0e7-4cf4-8680-489a4eb45196 |
|
.adsrvr.org/ | Name: TDID Value: 7e6023b8-3112-4a62-9ad1-47e6840d3621 |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwjG0c3Lu_yDOhAFOAE. |
|
.choozle.com/ | Name: chzdpsync Value: eyJjaG9vemxlQ29va2llSWQiOiI4NjMyNDc2YS01YjBlLTQzMDEtODUwYS0xNWIzZTZlOTExZGIiLCJwcm92aWRlckNvb2tpZU1ldGEiOnsiT1JBQ0xFIjp7InByb3ZpZGVyIjoiT1JBQ0xFIiwicHJvdmlkZXJDb29raWVJZCI6IiRfQktfVVVJRCIsInByb3ZpZGVyUmVkaXJlY3RSZXF1ZXN0ZWQiOmZhbHNlLCJwcm92aWRlclJlZGlyZWN0U2VudCI6ZmFsc2V9LCJUVEQiOnsicHJvdmlkZXIiOiJUVEQiLCJwcm92aWRlckNvb2tpZUlkIjoiN2U2MDIzYjgtMzExMi00YTYyLTlhZDEtNDdlNjg0MGQzNjIxIiwicHJvdmlkZXJSZWRpcmVjdFJlcXVlc3RlZCI6ZmFsc2UsInByb3ZpZGVyUmVkaXJlY3RTZW50IjpmYWxzZX19LCJ2ZXJpZmllZCI6dHJ1ZSwic3BlY2lmaWNQcm92aWRlcnMiOltdfQ== |
|
.rlcdn.com/ | Name: rlas3 Value: sGDq8zG+4gDcQAgbz4o3qFJ4X1xNmICiIcXzPekEBlA= |
|
.rlcdn.com/ | Name: pxrc Value: CIbF8IoGEgUI6AcQABIGCLrqARAA |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmxZnxS-MJ9aVg0HBlgnPqRSu8mozDvIqFk_JLzkMzmCyVltrcpI93HCBAUEmk |
|
.win.gg/ | Name: _ga Value: GA1.2.1296005332.1633428101 |
|
.win.gg/ | Name: _ga_916JLHZYLF Value: GS1.1.1633428101.1.0.1633428102.59 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
analytics.google.com
buttons-config.sharethis.com
cdn.jsdelivr.net
cdn.oribi.io
cdn.winners.bet
cm.g.doubleclick.net
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
gw.oribi.io
idsync.rlcdn.com
insight.adsrvr.org
l.sharethis.com
match.adsrvr.org
nexus.ensighten.com
platform-api.sharethis.com
stats.g.doubleclick.net
tags.bluekai.com
win.gg
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.111.215.191
13.224.193.17
13.225.83.200
142.250.181.226
18.158.98.109
18.195.42.228
18.198.109.212
2600:9000:20eb:e800:c:abe:f440:93a1
2600:9000:21f3:4800:d:3df0:6d00:93a1
2600:9000:21f3:6a00:13:c079:7880:93a1
2606:4700::6810:5914
2a00:1450:4001:803::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
34.246.120.40
35.244.174.68
54.212.95.222
54.83.174.194
76.223.111.131
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79
1bb4be9a979758a0f69790ce74d852bec2ba5a12ad17000956dc87663a22095c
29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c
2b1dc46e16d5cc95f291c02861fcc6ebb110c2e37b599535d79d411293c9d2f3
2fb07bc2036b6b6338b8632cdb49566bb1a3fdaa471b628345de4459692362c8
3970d67114f59859df23a9c21d9a5f4dfb5390869f79bf5c749332edc2137d1d
43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d
43e23b3a6c8646c53f6da949cc173f5cd554b7e5b710d94679beab46a59d0b9c
4f2f14c39c4b652a6bfed55bf65c3434d2d1707996601db9b2c5f43df38ff0e7
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542
62c6ababbe88d3d4496203cd685f2b900a0cb382b8e24704ad25e84b8ed80833
6bd0d16c3555bfcc67ef71f43e54db747bd6826323ee0d8eca64ae4eda19d0f2
7940523b8dc250d607eb1c29860132762f634859ba03b88605b2e0a6591b34c5
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875ca1fe8a85b43fefb0206533f96bd56905305e6e0291c0b5284daf07b0c9e9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f32f32af54e3e5c596dbcdf5fad763a100610d91fc1b2cbf563b9fe4a3c22c1
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
96ae6a03a75db67d90cdae793dabdb904860f79f05feeaea10a4e09428719763
a1d716178bcf70cdd4a0ca2efc9445cd3c738f76d1ef5a9db7bfc0bd0ddee8b2
a460867641adc96414fe08a934ba16de4bc98e1cb940417b810205d2ce9650fa
a83bf33080e6fd7aa375b48f11f4ac7b1a186d94a36af178e417cc00d6e09a7d
a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
b98d73c9da43ab088e858bcfadfa96208819a10c743b730ccf229e427655cd82
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1a86d7c11a5c83b82c7e6f814aff6286a9fe3483b8e0e2c16089370bad4676d
c20b72a0b1382ecc7e0a5626b3cbb54bae9c31b493580c41887a1a8b1e87034e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c555bc295bb01f8cf5343bf7e338efa35182951447d9362a01ab618b31935ed4
c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234
caf6362ca050e7d51d7504ebc412a99948a580a37972447db3e711ede38120b0
cda95a3b43307cf6a5e622a6c182401a09cedcaab2e22f7f73fb32190eb191e7
cea9c3393f4b0a57475e38dbbff527aca7a3aa2d107b4b4742b937c2507e2063
d905e1e08cc9a120a8630d1aeb347f7ba8d412361e251a07ea5f000c832c7412
dc90781a585ef590af0f39072db0a869f75030f4e4a7d06180f822d4c05d1ed8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e146a98db546776df17b38518da672662ded480dfd55dd7fdf69f39fb3eb707e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71844713724b4fcab5c35196495fc70dce7dc5fc0f6ebc195303883d8e04ba8
ebab19f74d95b1c10457dbf025009438a9479c198c5e96a829c64f4b4298cf46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62