urlscan.io logo urlscan.io
SecurityTrails logo

win.com Open in urlscan Pro
2606:4700:3035::681b:b403  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://win.com/
Effective URL: https://win.com/
Submission: On February 05 via manual from MA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3035::681b:b403, located in United States and belongs to CLOUDFLARENET, US. The main domain is win.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 8th 2019. Valid for: a year.
This is the only time win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 143.204.214.14 16509 (AMAZON-02)
21 5
Apex Domain
Subdomains		 Transfer
17 win.com
win.com
716 KB
2 driftt.com
js.driftt.com
45 KB
2 google-analytics.com
www.google-analytics.com
18 KB
1 googletagmanager.com
www.googletagmanager.com
21 KB
21 4
Domain Requested by
17 win.com 1 redirects win.com
2 js.driftt.com win.com
js.driftt.com
2 www.google-analytics.com www.googletagmanager.com
win.com
1 www.googletagmanager.com win.com
21 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-07-08 -
2020-07-07		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-14 -
2020-04-07		 3 months crt.sh
drift.com
Amazon		 2019-10-03 -
2020-11-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://win.com/
Frame ID: C24D6A6DCE2C075F929DAEEDE10EADE2
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 7CF3129D15AA10C9A96FEECB20167B11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://win.com/ HTTP 301
    https://win.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

799 kB
Transfer

1478 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://win.com/ HTTP 301
    https://win.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
win.com/
Redirect Chain
  • http://win.com/
  • https://win.com/
113 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c120958c8605270a0a86235d5eb0ff1223ae12cc482c83230fff040250fb4aa2

Request headers

:method
GET
:authority
win.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Wed, 05 Feb 2020 11:59:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d70148689594fc950b1582762726029921580903951; expires=Fri, 06-Mar-20 11:59:11 GMT; path=/; domain=.win.com; HttpOnly; SameSite=Lax
cache-control
public, max-age=0, must-revalidate
age
171560
vary
Accept-Encoding
x-nf-request-id
40267c8e-eabd-472e-b3b1-604c8ff90ad5-6152248
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5604b77dfb7cdfa5-FRA
content-encoding
br

Redirect headers

Date
Wed, 05 Feb 2020 11:59:11 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 05 Feb 2020 12:59:11 GMT
Location
https://win.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5604b77dbdd0d6c9-FRA
AvenirNextLTPro-Regular-b5ed933057eaf1919dd79d81248cdbce.otf
win.com/static/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.com/static/AvenirNextLTPro-Regular-b5ed933057eaf1919dd79d81248cdbce.otf
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://win.com/
Origin
https://win.com

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739743
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"14252757d12ad8d0250edf9714fe7ddd-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/vnd.oasis.opendocument.formula-template
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e5c88dfa5-FRA
AvenirNextLTPro-Bold-91d8ff8ac25f51073a577408ae9cec86.otf
win.com/static/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.com/static/AvenirNextLTPro-Bold-91d8ff8ac25f51073a577408ae9cec86.otf
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b35300a2a0d53f458f42d6ab474c3e0b3370dd57558b5d1bbb4ee65727e0cf3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://win.com/
Origin
https://win.com

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739746
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"659d85513dd04fc9184246c43c722e62-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/vnd.oasis.opendocument.formula-template
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e5c8fdfa5-FRA
AvenirNextLTPro-Demi-553decd415b14f0f0662a4694c624846.otf
win.com/static/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.com/static/AvenirNextLTPro-Demi-553decd415b14f0f0662a4694c624846.otf
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bd490289da52ce0c43f277fd6f7aa0f2e632a7b2b8cc6eeb5772729ff89ae7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://win.com/
Origin
https://win.com

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739744
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"ceb0a33bb7f3c03f387463509ec491aa-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/vnd.oasis.opendocument.formula-template
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e5c91dfa5-FRA
AvenirNextLTPro-MediumCn-0352c73aaec044658cba6c7c25ace156.otf
win.com/static/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.com/static/AvenirNextLTPro-MediumCn-0352c73aaec044658cba6c7c25ace156.otf
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02e7838a7b439b765ac8749b24daf71f80b55e878679647b2659321e32507d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://win.com/
Origin
https://win.com

Response headers

x-nf-request-id
7bedd018-0f0b-4099-8191-d9bb80e8bbd2-1849521
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"790899a5a0a04e479567c77e45d9a872-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/vnd.oasis.opendocument.formula-template
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e5c93dfa5-FRA
gtm.js
www.googletagmanager.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBXM67Z
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9552161c29e3c7cad678b2e53acd73e90515ed2ecd36f1ea6306d0e72bb390aa
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
status
200
strict-transport-security
max-age=300; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21359
x-xss-protection
0
last-modified
Wed, 05 Feb 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Feb 2020 11:59:11 GMT
component---src-pages-index-tsx-68bbff4159ebfea605fb.js
win.com/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.com/component---src-pages-index-tsx-68bbff4159ebfea605fb.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0618a521c41c9d8b175b3b5f184bf6e31312a3546195c52fb6278b5768d11ab1

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739751
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"c61ee766291474a61c43f1d2d3732597-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d01dfa5-FRA
app-893f523a7e2ad384ae0d.js
win.com/ 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.com/app-893f523a7e2ad384ae0d.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232aea6cd63e885df686d90ada6947b57343d2fd1bea0e1e395bbe569dc1d5b3

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739763
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"dc8dfdc3e47a79763ee86c240932a900-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d05dfa5-FRA
9-cb3fc24790f6885442fd.js
win.com/ 		212 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.com/9-cb3fc24790f6885442fd.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceaf6979c6e978dcf2d80d125f6e60d9f164400d0a8674c6aa2878b02f92f8f3

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ab593a4d-9dd6-4091-854f-04d69edde09e-3488911
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"e027c39a605addc099176bc65cfde027-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d06dfa5-FRA
0-d69df193b37fa2be089e.js
win.com/ 		92 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.com/0-d69df193b37fa2be089e.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836762b6efc3ac319df10bddde1a6fd1f5a71ff7f7bdda126a325d6205cd8afb

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739750
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"29a1fd0d795ea045534517b7cb52fdd1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d08dfa5-FRA
styles-b3e90253bef91a4a35c7.js
win.com/ 		160 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.com/styles-b3e90253bef91a4a35c7.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06a3b221ed295cbeaf777ea5439a7f3928b7d345fe6a7a0cf3642c0a5c8d4c51

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ab593a4d-9dd6-4091-854f-04d69edde09e-3488912
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"c02275ff9b66d037d052bc13cfe90a6e-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d0cdfa5-FRA
webpack-runtime-dc48bb2e6004bdc73618.js
win.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.com/webpack-runtime-dc48bb2e6004bdc73618.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9a31e727187294698e48c82bbb7ded315d32d65115a8f55a8d55874a4c825d

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739755
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"6c1331f99aacd9f8db414948454fd103-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d0edfa5-FRA
page-data.json
win.com/page-data/index/ 		8 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://win.com/page-data/index/page-data.json
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bcbc4f8efa172ad836f89f6429e1a8fb889d90fa0ab807e3ae38a66bc2e6092

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://win.com/
Origin
https://win.com

Response headers

x-nf-request-id
40267c8e-eabd-472e-b3b1-604c8ff90ad5-6152274
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
age
160263
etag
W/"52f9cb85d65cf7a26bb3d685cf828f4c-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
public, max-age=0, must-revalidate
cf-ray
5604b77e8d12dfa5-FRA
feature1-ab1ab8bbf9d1508440d23cfc5771ab74.svg
win.com/static/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.com/static/feature1-ab1ab8bbf9d1508440d23cfc5771ab74.svg
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84af5c61baa66501e151cb3a0e21e4a755c0870d6c47161f9bd0846253d8a8a

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
ed26ac47-1917-4192-8598-badca4822c3d-1739760
date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"b8b9683547f4bca78198238b25940ce0-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400, must-revalidate
cf-ray
5604b77e8d13dfa5-FRA
truncated
/ 		1011 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3ca611a4d328a07e5c15955888056a566dd43e7bc6cd6fb1987502f1472922f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1005 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be9ec4038ad333c196052a8ff53cf9cebcc90a8697497ea78ce7455eedf0a0d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1005 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d87da50115fef9f5fb19586f595d661479f49e42bc68d542353383f25ebbb35c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f7b9666a038c4b2c1f1a66ba8cd2a7e93f9ffb6b0e55264b71773c45af78e27

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b247abd7890775dacdce4bddf061777ecdbb21d1d95a5449aa0368f00ccc0d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		876 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e14f639bf6f906c072ab39fb9200d552d4f73fc9889b21fd7931079d2f6cfd3b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		875 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0abc74a2be93e3e5f52adf390c48cb98a878c80ecde6ebf9c6bdc7c5ee324d7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa6423adb1143dac58893013f28bfa6dee8754dffe6d1e455e51522bea0485ae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		793 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10b422ba83bbcaabd9d1193d1dcde358bc90269fb0b63ccdc71756cfb30e33df

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1003 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af84f0b06cd326922782600519d158b39030374d876922b3c517361891b805ca

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1013 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d9dba939ffe7ff007f2234d14ac23e5ace0e16865cfd4d6dfc4bbca52b53f72

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		314 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98940b71053e17086d2ca3850ea5d9dbf77cde66ab25ab40973e5238055feb83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBXM67Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jan 2020 01:10:36 GMT
server
Golfe2
age
641
date
Wed, 05 Feb 2020 11:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17926
expires
Wed, 05 Feb 2020 13:48:30 GMT
vmkw2hz3vnwt.js
js.driftt.com/include/1580904000000/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1580904000000/vmkw2hz3vnwt.js
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-14.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
99522f1a9ecb12731f68d90aca16453bf772ac84c8250f45f715c1daaa2a4dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 11:59:11 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jan 2020 17:34:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
LtgL3blcETBybY_WUr1wLYxa3197npcvH-rqaPaoQwKEJZ9LssZeNg==
hero-img.png
win.com/static/30ebff2fa1dca0ee5f292da7581bcc0d/af144/ 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.com/static/30ebff2fa1dca0ee5f292da7581bcc0d/af144/hero-img.png
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e30f8e51873b8d0fd36f224a2cb5f433b89039e076e7fb5f795ce5ce75741a9

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
88ae415a-7003-4229-b583-16a6ca590e10-5798489
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
"568a35a1c768c8a0eae69769a8c47cb3-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
5604b77fa88ddfa5-FRA
content-length
203971
feature2.png
win.com/static/85c403ca41a009fe63fa095099a95f0d/af144/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.com/static/85c403ca41a009fe63fa095099a95f0d/af144/feature2.png
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6cc8f268bd73f7ad20469d6d2f36833b121effe462c3eb646fe288b2e3d501c

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
6929ee11-17ee-44ee-92db-5c06a3fb71e3-14259893
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
"b2fd0e047f3cce91a8497500f5ebbc01-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
5604b77fa891dfa5-FRA
content-length
31677
feature3.png
win.com/static/83afa922d8c56bf03852f6f3cf716b3e/af144/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win.com/static/83afa922d8c56bf03852f6f3cf716b3e/af144/feature3.png
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5951110391918111beec6aa52879fa83bb606bbfb4a785b23bbb25e126a72b

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nf-request-id
76d4a884-7811-435b-a0a4-e9b0f934ad71-7602091
date
Wed, 05 Feb 2020 11:59:11 GMT
cf-cache-status
REVALIDATED
server
cloudflare
etag
"019e347adb7088c3da466ab5110b7c6d-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
5604b77fa892dfa5-FRA
content-length
25981
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j80&a=380063278&t=pageview&_s=1&dl=https%3A%2F%2Fwin.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=404351925&gjid=1605563297&cid=1506108950.1580903951&tid=UA-132813355-2&_gid=1483783377.1580903951&_r=1&gtm=2wg1m0MBXM67Z&z=2101061932
Requested by
Host: win.com
URL: https://win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 11:59:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
js.driftt.com/deploy/assets/ Frame 7CF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1580904000000/vmkw2hz3vnwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-14.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://win.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://win.com/

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
894
server
nginx
last-modified
Tue, 28 Jan 2020 17:34:04 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Feb 2020 11:59:10 GMT
etag
"508cd46eba6fe217807e5e413cb0a3ab"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
NOc3uSeT-KFnzV6BP445ad3TS5H4OUcfSqAZLf2qlOnmbGqSyZwyNw==
age
2

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer string| pagePath string| webpackCompilationHash object| ___chunkMapping object| webpackJsonp object| google_tag_manager object| __core-js_shared__ object| core object| asyncRequires object| ___emitter object| ___loader string| ___webpackCompilationHash boolean| __navigatingToLink function| ___push function| ___replace function| ___navigate object| scCGSHMRCache object| regeneratorRuntime string| GoogleAnalyticsObject function| ga function| drift function| driftt object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__

5 Cookies

Domain/Path Name / Value
.win.com/ Name: _gat_UA-132813355-2
Value: 1
win.com/ Name: driftt_aid
Value: f553fb36-26fe-4b3d-ac23-54447201a932
.win.com/ Name: _gid
Value: GA1.2.1483783377.1580903951
.win.com/ Name: _ga
Value: GA1.2.1506108950.1580903951
.win.com/ Name: __cfduid
Value: d70148689594fc950b1582762726029921580903951

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.driftt.com
win.com
www.google-analytics.com
www.googletagmanager.com
143.204.214.14
2606:4700:3035::681b:b403
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
0618a521c41c9d8b175b3b5f184bf6e31312a3546195c52fb6278b5768d11ab1
06a3b221ed295cbeaf777ea5439a7f3928b7d345fe6a7a0cf3642c0a5c8d4c51
10b422ba83bbcaabd9d1193d1dcde358bc90269fb0b63ccdc71756cfb30e33df
1b35300a2a0d53f458f42d6ab474c3e0b3370dd57558b5d1bbb4ee65727e0cf3
1f7b9666a038c4b2c1f1a66ba8cd2a7e93f9ffb6b0e55264b71773c45af78e27
21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a
232aea6cd63e885df686d90ada6947b57343d2fd1bea0e1e395bbe569dc1d5b3
2e30f8e51873b8d0fd36f224a2cb5f433b89039e076e7fb5f795ce5ce75741a9
5a5951110391918111beec6aa52879fa83bb606bbfb4a785b23bbb25e126a72b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836762b6efc3ac319df10bddde1a6fd1f5a71ff7f7bdda126a325d6205cd8afb
8d9dba939ffe7ff007f2234d14ac23e5ace0e16865cfd4d6dfc4bbca52b53f72
9552161c29e3c7cad678b2e53acd73e90515ed2ecd36f1ea6306d0e72bb390aa
98940b71053e17086d2ca3850ea5d9dbf77cde66ab25ab40973e5238055feb83
98bd490289da52ce0c43f277fd6f7aa0f2e632a7b2b8cc6eeb5772729ff89ae7
99522f1a9ecb12731f68d90aca16453bf772ac84c8250f45f715c1daaa2a4dac
9bcbc4f8efa172ad836f89f6429e1a8fb889d90fa0ab807e3ae38a66bc2e6092
a3ca611a4d328a07e5c15955888056a566dd43e7bc6cd6fb1987502f1472922f
a6cc8f268bd73f7ad20469d6d2f36833b121effe462c3eb646fe288b2e3d501c
aa6423adb1143dac58893013f28bfa6dee8754dffe6d1e455e51522bea0485ae
af84f0b06cd326922782600519d158b39030374d876922b3c517361891b805ca
b02e7838a7b439b765ac8749b24daf71f80b55e878679647b2659321e32507d4
b247abd7890775dacdce4bddf061777ecdbb21d1d95a5449aa0368f00ccc0d96
bb9a31e727187294698e48c82bbb7ded315d32d65115a8f55a8d55874a4c825d
be9ec4038ad333c196052a8ff53cf9cebcc90a8697497ea78ce7455eedf0a0d1
c0abc74a2be93e3e5f52adf390c48cb98a878c80ecde6ebf9c6bdc7c5ee324d7
c120958c8605270a0a86235d5eb0ff1223ae12cc482c83230fff040250fb4aa2
c84af5c61baa66501e151cb3a0e21e4a755c0870d6c47161f9bd0846253d8a8a
ceaf6979c6e978dcf2d80d125f6e60d9f164400d0a8674c6aa2878b02f92f8f3
d87da50115fef9f5fb19586f595d661479f49e42bc68d542353383f25ebbb35c
e14f639bf6f906c072ab39fb9200d552d4f73fc9889b21fd7931079d2f6cfd3b
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796