Submitted URL: http://rifa.games/
Effective URL: https://rifa.games/
Submission: On February 26 via manual from PH — Scanned from ES

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is rifa.games.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2023. Valid for: 3 months.
This is the only time rifa.games was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a04:4e42:200... 54113 (FASTLY)
10 162.159.135.232 13335 (CLOUDFLAR...)
1 34.96.91.138 396982 (GOOGLE-CL...)
1 162.159.135.233 13335 (CLOUDFLAR...)
18 6
Apex Domain
Subdomains
Transfer
10 discord.com
discord.com — Cisco Umbrella Rank: 2226
209 KB
5 rifa.games
rifa.games
13 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339
50 KB
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 3165
6 KB
1 wixmp.com
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com — Cisco Umbrella Rank: 13719
358 KB
18 5
Domain Requested by
10 discord.com rifa.games
discord.com
5 rifa.games 1 redirects rifa.games
2 cdn.jsdelivr.net rifa.games
1 cdn.discordapp.com discord.com
1 images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com rifa.games
18 5

This site contains links to these domains. Also see Links.

Domain
discord.gg
rifador.net
api.whatsapp.com
Subject Issuer Validity Valid
*.rifa.games
GTS CA 1P5
2023-02-25 -
2023-05-26
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-11-19 -
2023-11-19
a year crt.sh
*.wixmp.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-28 -
2023-03-27
6 months crt.sh

This page contains 3 frames:

Primary Page: https://rifa.games/
Frame ID: F5C3EC0B4AE69C0E85745A6A1CA5AF45
Requests: 8 HTTP requests in this frame

Frame: https://discord.com/widget?id=1079046671805198376&theme=dark
Frame ID: 75F8D02DA3C8A54B1774D0452F5930A5
Requests: 8 HTTP requests in this frame

Frame: https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677398400
Frame ID: 3CE8780CC13A32214B8F6605B6C3BB18
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Rifa.Games - Sorteio de Jogos Populares da Steam, Origin, Epic, Rockstar e muito mais!

Page URL History Show full URLs

  1. http://rifa.games/ HTTP 301
    https://rifa.games/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

636 kB
Transfer

1030 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rifa.games/ HTTP 301
    https://rifa.games/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rifa.games/
Redirect Chain
  • http://rifa.games/
  • https://rifa.games/
6 KB
3 KB
Document
General
Full URL
https://rifa.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4e44ed2305f08f8d6c995b2b8803a77dcf7ee263d0992aebded22c3fa9c92d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79f73b626b20ff20-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Feb 2023 08:15:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4rc4g5M%2Fgm59l8MFUR77bBtFFrRNWUq%2BRNZlJTrK1IMnVuuXs1kPEFsDhyYBmvZhXmc4OBkF%2FY1mYvpuqADwOXWpxt87Gz2RtE%2FR49VyoZFVuBfCbL1kazWYpWiyYBgy5EMGfCLFOQ7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
79f73b61afd61a7b-MAD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 26 Feb 2023 08:15:16 GMT
Expires
Sun, 26 Feb 2023 09:15:16 GMT
Location
https://rifa.games/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jq9SQzRk%2FlhfLCqCkEefMWRCq2WVO4whp2dOKpIYWYrpz%2Bb6yZIHj1NBawrqv26mxTvS2W7LJyAJssPCi%2BZyaOOEfsFs0Ft4ziUbnyY2ikuos%2B36qLRtL6h6trz5Oi0lUZR1MkCgBTXv"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/
190 KB
27 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rifa.games/
Origin
https://rifa.games
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 26 Feb 2023 08:15:17 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1656819
x-jsd-version
5.2.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
27506
x-served-by
cache-fra-eddf8230072-FRA, cache-mad22083-MAD
x-jsd-version-type
version
etag
W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
rifa.games/assets/css/
1 KB
809 B
Stylesheet
General
Full URL
https://rifa.games/assets/css/style.css?p=1677399317
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659783d4ddc3dabe78e1de7357d2e8fa56b8a2166f828e4f245dd40de44c6ee3

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rifa.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Feb 2023 16:59:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"426-5f5892b0428db-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqVE9WA80BfIage1T7O2J74Ummdzyb9D586V5%2Bus9ZdsSTMvfpS9Exn3w1n9EL9CVqugWbDqu7IaoZxVHn9dcppNCdK51NugeMPi8GWtOCLzely3iUlV6B6PxDsmU3FgMqpp8tOrjUDi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
79f73b63ec6bff20-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/
79 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rifa.games/
Origin
https://rifa.games
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 26 Feb 2023 08:15:17 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
3391830
x-jsd-version
5.2.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23315
x-served-by
cache-fra-eddf8230122-FRA, cache-mad22083-MAD
x-jsd-version-type
version
etag
W/"13a70-XI9suYM5fetlZzuWGoZXz9YROtk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
widget
discord.com/ Frame 75F8
2 KB
2 KB
Document
General
Full URL
https://discord.com/widget?id=1079046671805198376&theme=dark
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e436c54c73bdd713786ac539ce03299640943248f9406cc36ba811b324a5d585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rifa.games/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
79f73b64bf6386cc-MAD
content-encoding
br
content-type
text/html
date
Sun, 26 Feb 2023 08:15:17 GMT
last-modified
Mon, 06 Jun 2022 20:56:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRQSDucgA%2FZmE9bOxy8ezRy2Kk9W9E8H2UIJ4JZLPKNx%2BWsjPeKa0RPZK8daZCveR0e5caYpS1ehSrwccluEihlHx8tZLhWuFTEbvDCSZe2W4R%2F9PNOnwJcAry7z"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-build-id
658afa3e9b2fd84f7825b019e925af528bcb2f76
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.693fb6cb383c52b4acb1.css
discord.com/assets/ Frame 75F8
13 KB
3 KB
Stylesheet
General
Full URL
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Requested by
Host: discord.com
URL: https://discord.com/widget?id=1079046671805198376&theme=dark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f96cc8e0ca634b6b06ff036d3e578110a81d894bdd7b1f1031d748191c5d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://discord.com/widget?id=1079046671805198376&theme=dark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 06 Jun 2022 20:43:47 GMT
server
cloudflare
etag
W/"63996df123566cc2b4d4b5370f61ce8e"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SikcFN85ZPh8E7ff4fsijZVwmsNIVLghT00J8URy52HEN%2Fe6DpuPNxGgbYrPius4RZk7EQ670mtRcsSxZeFxABU%2F8LHuG%2BVUYln0RfAiq8LK2%2BKkM%2BVgH32NKsR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
79f73b652fcb86cc-MAD
e33e6e9d9de3d3040d8b.js
discord.com/assets/ Frame 75F8
179 KB
59 KB
Script
General
Full URL
https://discord.com/assets/e33e6e9d9de3d3040d8b.js
Requested by
Host: discord.com
URL: https://discord.com/widget?id=1079046671805198376&theme=dark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ac62415f3776b625d9f849bd650501d9079187a98f7cf1fe83861141d40b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://discord.com/widget?id=1079046671805198376&theme=dark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 06 Jun 2022 20:43:47 GMT
server
cloudflare
etag
W/"1d8b2b7b16bc5c35f14e2f4f7b321626"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEad9pu3bLzVh0pN%2Fn6AnEsw3s8oSQ4JWR96r1BhWsAadEd3a5HbsBQNx2NoUKJdke7rxqz4kn9yVdF5EbhHIstJd6oxx5jjOcPcNmrkw1FKPH70aVcPjt6YwZ9z"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
79f73b652fcd86cc-MAD
pattern-dark2.svg
rifa.games/assets/img/
11 KB
2 KB
Image
General
Full URL
https://rifa.games/assets/img/pattern-dark2.svg
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d40ed9a5a5461dc0a54a02ebe60e546037566c5ad97d7a94d03bc44070b9d6a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rifa.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 25 Feb 2023 16:42:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
67
etag
W/"2cea-5f588edcf2511"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQZ2g1qFX9JSUam6GPZ6zypoWIiJov0Bc4tFGZC4jOKtHM9KsagbcsnVTZTMP5DeazevWdvK4emXoB9pBaj9GtN70zVYL1j%2FYI8bn0nrzBUBKXtBF%2FnQupyJh0dMkvURVYuuNtwXa9uG"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
79f73b656a19041c-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
199 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
dfo4a7f-cf3d7abf-a42b-4c1a-8cff-f73d505451ee.jpg
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/1e775fac-17e5-4405-b7a0-299d0d7f9744/
358 KB
358 KB
Image
General
Full URL
https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/1e775fac-17e5-4405-b7a0-299d0d7f9744/dfo4a7f-cf3d7abf-a42b-4c1a-8cff-f73d505451ee.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzFlNzc1ZmFjLTE3ZTUtNDQwNS1iN2EwLTI5OWQwZDdmOTc0NFwvZGZvNGE3Zi1jZjNkN2FiZi1hNDJiLTRjMWEtOGNmZi1mNzNkNTA1NDUxZWUuanBnIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.-YY6q1SLbl9elGbVQNT2jL79RgAwrwEbFRwAjcDor-M
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.91.138 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.91.96.34.bc.googleusercontent.com
Software
/
Resource Hash
0cb76296535c5b7a091957384c9c42caf2a9497d318eb431ec56a8863132725b

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rifa.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 18:12:28 GMT
via
1.1 google
age
223369
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
366463
wix-tracer
2M9NgSYToO4qwTard6ItWjE7RTE
x-seen-by
image-manipulator-5c8474959c-s2tm7
whatsapp-square-social-media-512.webp
rifa.games/assets/img/
7 KB
7 KB
Image
General
Full URL
https://rifa.games/assets/img/whatsapp-square-social-media-512.webp
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b30246bc5dc02014bf882ab11b7068ede48911938ebe7b06c5fe8fbe1f5cd77

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://rifa.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
cf-cache-status
HIT
last-modified
Sat, 25 Feb 2023 16:42:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
67
etag
"1afc-5f588edef6ec2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Xe6LtuVOUJWZVkSizklgSfS%2BOuox0GuusBmvrmNWhVjpenjGjoiaqbVgNoAXH1IPSNb5FCLk0F7gbefCh6fzjpyFLYEGO1ktECHM9C3q%2BFPZRxrQ3hiVNiXFP4PgT3PTdA9xkJkYwso"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79f73b657a30041c-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6908
widget.json
discord.com/api/guilds/1079046671805198376/ Frame 75F8
504 B
916 B
XHR
General
Full URL
https://discord.com/api/guilds/1079046671805198376/widget.json
Requested by
Host: discord.com
URL: https://discord.com/assets/e33e6e9d9de3d3040d8b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71ff3300aa357b4231900a12c4641be342ea3a6b531e82a72a0b28724f803d30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://discord.com/widget?id=1079046671805198376&theme=dark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
age
67
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 26 Feb 2023 08:14:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygJQTzzdEH2M2OEVKAgSK8lsGTqb5WbLvyQwE6YB186BSfChLNsq2h03PXs9kFTQcUpZGL3bkdvsT%2FXIhAU0MtFhMKDkF9%2Fm%2FvPu1v8rAZ%2FGfFWB3aUupqCXMvNS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=300
cf-ray
79f73b65de4537df-MAD
expires
Sun, 26 Feb 2023 08:20:17 GMT
8f20d57d7d0ea34489dcdd432437f71c.svg
discord.com/assets/ Frame 75F8
5 KB
3 KB
Image
General
Full URL
https://discord.com/assets/8f20d57d7d0ea34489dcdd432437f71c.svg
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Aug 2021 08:15:50 GMT
server
cloudflare
etag
W/"8f20d57d7d0ea34489dcdd432437f71c"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbtTe2UyTRT%2BwpOaKaira5CYwGkuxtJwDrxxoB9Caclz%2FLFnhXshJrzRtrz2NYuTKrz1gjTuvsTrEPvrhU9cUTQ7otsXgIVT4CoUjDKQ3PH3LVAGa846zy39ICiC"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
79f73b65de4637df-MAD
746a4f241e03deffc59b08c5650cf458.woff
discord.com/assets/ Frame 75F8
61 KB
62 KB
Font
General
Full URL
https://discord.com/assets/746a4f241e03deffc59b08c5650cf458.woff
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12954218db16e3a3c86a6ee84e41be8bb35cee983ffd5233b37c7e094f9dcf11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Origin
https://discord.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:47:08 GMT
server
cloudflare
etag
W/"746a4f241e03deffc59b08c5650cf458"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/font-woff
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5IWBHRKQ7bYW6f3kb68XikipcXhTWeFJFiEfPTrVfQnQxm1iIIT%2Fmx2f8PBQoZCMooFQVCOz9q1ufXFRIcS76xUV7OEJcI%2F4e7EHmRFS%2FskRLrEBS5mkr0SeLWd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
79f73b65de4737df-MAD
32c4f766e4892c054dfd367dbe0fc6dc.woff
discord.com/assets/ Frame 75F8
54 KB
55 KB
Font
General
Full URL
https://discord.com/assets/32c4f766e4892c054dfd367dbe0fc6dc.woff
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8612deb0cfdfde638ad9e286429dd4cf56418398dc0d6721ce43842403d9f320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Origin
https://discord.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:47:07 GMT
server
cloudflare
etag
W/"32c4f766e4892c054dfd367dbe0fc6dc"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/font-woff
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwyD6Q8aEHn4yswsGuSmjStjge58olhQtK2Afvq8wgenDgufPc4BDlhizF%2FclOwYDtxl9%2FqVR2aBWwWkbTOUT9QmwTpQABRT0tcXaDIAeEeVwiOEKc1vaF%2FcYWNy"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
79f73b65de4837df-MAD
invisible.js
discord.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 3CE8
34 KB
14 KB
Script
General
Full URL
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677398400
Requested by
Host: rifa.games
URL: https://rifa.games/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590b15e167c100f9d6731e6c3828b590b799fc7bc2a0203ec4f98369b078c7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3v%2Fw48so9l562IMCAqWjc3fDMs5k03QPuegJfZPr1QanWl1q9VTlQWcM%2FzuR253369EPCak0%2F0qDRfyBE038XVFHPZz0WNbXO5c6k%2F5L8V8bcNr2VCuzzQdE2Uk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79f73b663ea037df-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
zZwPuKJMqMF2wwLEAPStu2U5QlEKJLgGUUk4l2JzE1TWiur3PMOW3Mu5ROMLS7i-Y8WP5OcOCABBL4eJvnMck-udEOK1FmnknMljZZ3kvpDyF29sZ_v9FI_irZALfZPzdlWhttpuCEjyhA
cdn.discordapp.com/widget-avatars/vCHFotMxdCNN5rx0IcqX_XgXpo47Pq7Ol9PLBh6Fmcg/ Frame 75F8
5 KB
6 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/vCHFotMxdCNN5rx0IcqX_XgXpo47Pq7Ol9PLBh6Fmcg/zZwPuKJMqMF2wwLEAPStu2U5QlEKJLgGUUk4l2JzE1TWiur3PMOW3Mu5ROMLS7i-Y8WP5OcOCABBL4eJvnMck-udEOK1FmnknMljZZ3kvpDyF29sZ_v9FI_irZALfZPzdlWhttpuCEjyhA
Requested by
Host: discord.com
URL: https://discord.com/widget?id=1079046671805198376&theme=dark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9272b26a19a1ad24f778b2c3c1f6e58a39844c9f90c2822616fdc5d97cea9a13

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5323
last-modified
Mon, 01 Jan 2018 01:09:46 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qrc74hAmbnni5gt1niO0wwFu1CgrYGGnPgogf2AxJsuOyhzvF5Kz5AWKRBOjiLoZCchWMrFF7F1m%2BNgj6Cnqg8F3ATJbf%2FNT0u3Irbmsj24Hb176I56nBkdyZ55gcibsSmmD5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79f73b673e1414f1-MAD
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Mon, 26 Feb 2024 08:15:17 GMT
pica.js
discord.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3CE8
24 KB
10 KB
Other
General
Full URL
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: discord.com
URL: https://discord.com/widget?id=1079046671805198376&theme=dark
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20fbbdd858d44f366c5fb18bc42d855547c3d67c0bb8bf724192a12804bc91fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FLVjD1Dn2cvydKhe2CURY3JIXBKLPqOZfuivvrmSJ27ze6FHoGbrU6TARsbQojH665uaBSNJuWLupFBiV6vLgBFP%2BTyMuAZNV3fdVaaGU0J9h3P%2FjwcpB47yAqF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79f73b670f4537df-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
79f73b64bf6386cc
discord.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3CE8
2 B
686 B
XHR
General
Full URL
https://discord.com/cdn-cgi/challenge-platform/h/g/cv/result/79f73b64bf6386cc
Requested by
Host: discord.com
URL: https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677398400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 26 Feb 2023 08:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ1%2Fsa5bF1b3DBXcDcTPRu6ElHi5Q3nZlKq6kBgb5O%2FAceclC1Geo2gmNIveK7hvbiz%2BogrHzrBvAiMBMbx79pGPhN4Wq%2B%2BysYmo80u31TOveFRhW3ngEiZsHdkq"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79f73b69595937df-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless number| uidEvent object| bootstrap number| countDownDate number| x

3 Cookies

Domain/Path Name / Value
.discord.com/ Name: __cfruid
Value: 608a619d82372fae9da2656b35f84ce27cd3e7c4-1677399317
.discordapp.com/ Name: __cf_bm
Value: .y2BnKw_JKUP7HgeFxsjmvH9mSF.0XgCVRhc4ngV1Uo-1677399317-0-AVoQdMikVY5kke2/f1T1TYlq4XhuaSs2Yfj95ib96MXDVYX0SwD/YkO63XGI8eIavj2JTntV1pbXv0WWUgYpOoQ=
.discord.com/ Name: __cf_bm
Value: ps_MiUu3VYJEryv3YqiZ4jUSDJ0qx.MUJ8yekYsKO4g-1677399317-0-AeryCoDT4na4ManhYdVvbuGjR02CpVJSlaK1Rd5wCalby6ArLbZlzngLtrnMaOfcaae4X0p1ywl3fOSd3Y7JgylZkVGpdXiDrEQTzE/a0rJozgfuBvS7dfcr2w4TbY/HdZ+cH58ZFSzWOKmeTQb8eHU=

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.discordapp.com
cdn.jsdelivr.net
discord.com
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
rifa.games
162.159.135.232
162.159.135.233
2a04:4e42:200::485
2a06:98c1:3121::c
34.96.91.138
030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240
0cb76296535c5b7a091957384c9c42caf2a9497d318eb431ec56a8863132725b
12954218db16e3a3c86a6ee84e41be8bb35cee983ffd5233b37c7e094f9dcf11
20fbbdd858d44f366c5fb18bc42d855547c3d67c0bb8bf724192a12804bc91fe
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3d40ed9a5a5461dc0a54a02ebe60e546037566c5ad97d7a94d03bc44070b9d6a
590b15e167c100f9d6731e6c3828b590b799fc7bc2a0203ec4f98369b078c7ac
659783d4ddc3dabe78e1de7357d2e8fa56b8a2166f828e4f245dd40de44c6ee3
71ff3300aa357b4231900a12c4641be342ea3a6b531e82a72a0b28724f803d30
77e67409caaf5014eaa2e2d96ac6210a1b4a987da0d5b3ff826221fe255d3def
7b30246bc5dc02014bf882ab11b7068ede48911938ebe7b06c5fe8fbe1f5cd77
8612deb0cfdfde638ad9e286429dd4cf56418398dc0d6721ce43842403d9f320
90ac62415f3776b625d9f849bd650501d9079187a98f7cf1fe83861141d40b29
9272b26a19a1ad24f778b2c3c1f6e58a39844c9f90c2822616fdc5d97cea9a13
9f4e44ed2305f08f8d6c995b2b8803a77dcf7ee263d0992aebded22c3fa9c92d
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
d5f96cc8e0ca634b6b06ff036d3e578110a81d894bdd7b1f1031d748191c5d93
e436c54c73bdd713786ac539ce03299640943248f9406cc36ba811b324a5d585